CVE-2003-1539

medium

Description

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.

References

http://www.securityfocus.com/bid/7035

http://sourceforge.net/project/shownotes.php?release_id=144274

http://secunia.com/advisories/8257

Details

Source: Mitre, NVD

Published: 2003-12-31

Updated: 2008-09-05

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N