Privilege Escalation via Cross-Site Scripting in DCP-Portal 4.2 and Earlier

Privilege Escalation via Cross-Site Scripting in DCP-Portal 4.2 and Earlier

CVE-2002-0281 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier allows remote attackers to gain privileges of other portal users by providing Javascript in the job information field to user_update.php.

Learn more about our User Device Pen Test.