CVE-2001-1351

medium

Description

Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7875

http://www.osvdb.org/5690

http://marc.info/?l=bugtraq&w=2&r=1&s=namazu&q=b

Details

Source: Mitre, NVD

Published: 2001-12-25

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00846