Arbitrary Code Injection through Cross-Site Scripting (XSS) Vulnerability in ZAP 1.0.3

Arbitrary Code Injection through Cross-Site Scripting (XSS) Vulnerability in ZAP 1.0.3

CVE-2002-2377 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field.

Learn more about our Web App Pen Testing.