← CVECheck
HomeVulnerabilities

CVE-2002-1958 — MEDIUM severity vulnerability (Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a)

Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field.

CVE IDCVE-2002-1958
SeverityMEDIUM
CVSS score4.3
CVSS vectorAV:N/AC:M/Au:N/C:N/I:P/A:N
CWECWE-79
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionCross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →