Arbitrary Script Execution via Cross-Site Scripting (XSS) in BadBlue Enterprise and Personal Edition 1.7 and 1.7.2
CVE-2002-1685 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.
Learn more about our Api Penetration Testing.