CVE-2002-1958 — MEDIUM severity vulnerability (Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a)
Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field.
| CVE ID | CVE-2002-1958 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 4.3 |
| CVSS vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| CWE | CWE-79 |
| Status | Modified |
| Published | 2002-12-31 |
| Last modified | 2026-04-16 |
| Description | Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →