VYPR
Unrated severityNVD Advisory· Published Jun 30, 2003· Updated Jun 16, 2026

CVE-2003-0405

CVE-2003-0405

Description

Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:vignette:content_suite:5.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:vignette:content_suite:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vignette:content_suite:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vignette:content_suite:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vignette:content_suite:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vignette:content_suite:6.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vignette:storyserver:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:vignette:storyserver:5.0:*:*:*:*:*:*:*
    • (no CPE)range: 5
  • cpe:2.3:a:vignette:vignette:5.0:*:*:*:*:*:*:*
  • Vignette/V/6llm-fuzzy

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.