Vulnerability Details : CVE-2001-0991
Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and earlier allows remote attackers to execute arbitrary script on other clients via an incorrect URL containing the malicious script, which is printed back in an error message.
Vulnerability category: Cross site scripting (XSS)
Exploit prediction scoring system (EPSS) score for CVE-2001-0991
Probability of exploitation activity in the next 30 days: 3.34%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 90 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2001-0991
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2001-0991
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/6887
-
http://www.securityfocus.com/archive/1/198954
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/3087
Exploit;Patch;Vendor Advisory
Products affected by CVE-2001-0991
- cpe:2.3:a:scott_r._lemmon:proxomitron_naoko-4:beta3:*:*:*:*:*:*:*
- cpe:2.3:a:scott_r._lemmon:proxomitron_naoko-4:beta4:*:*:*:*:*:*:*
- cpe:2.3:a:scott_r._lemmon:proxomitron_naoko-4:beta1:*:*:*:*:*:*:*
- cpe:2.3:a:scott_r._lemmon:proxomitron_naoko-4:beta2:*:*:*:*:*:*:*