← CVECheck
HomeVulnerabilities

CVE-2002-0292 — LOW severity vulnerability (Cross-site scripting vulnerability in Slash before 2.2.5, as)

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.

CVE IDCVE-2002-0292
SeverityLOW
CVSS score2.6
CVSS vectorAV:N/AC:H/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2002-05-31
Last modified2026-04-16
DescriptionCross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →