← CVECheck
HomeVulnerabilities

CVE-2003-0399 — MEDIUM severity vulnerability (Vignette StoryServer 4 and 5, Vignette V/5, and possibly oth)

Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template.

CVE IDCVE-2003-0399
SeverityMEDIUM
CVSS score6.4
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:N
CWENVD-CWE-Other
StatusModified
Published2003-07-02
Last modified2026-04-16
DescriptionVignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →