CVE-2002-0354 — MEDIUM severity vulnerability (The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozi)
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
| CVE ID | CVE-2002-0354 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2002-06-25 |
| Last modified | 2026-04-16 |
| Description | The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →