CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0987

HIGH
7.5
CVSS Severity Score
EPSS Score0.0110%
EPSS Percentile4.93th
PublishedJul 22, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.

Affected Platforms (CPE)

πŸ“¦
Nathan Neulinger

Cgiwrap

<= 3.7

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html
πŸ”— http://cgiwrap.sourceforge.net/changes.html
πŸ”— http://www.osvdb.org/1909
πŸ”— http://www.securityfocus.com/bid/3084
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6886
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html
πŸ”— http://cgiwrap.sourceforge.net/changes.html
πŸ”— http://www.osvdb.org/1909

Related Vulnerabilities

CVE-2005-325410.0

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can pe...

CVE-2000-04317.5

Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which a...

CVE-2005-32555.0

The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web documen...

CVE-2006-07675.0

CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in script...