Vulnerability Details : CVE-2002-0108
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
Exploit prediction scoring system (EPSS) score for CVE-2002-0108
Probability of exploitation activity in the next 30 days: 1.45%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-0108
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2002-0108
-
http://www.securityfocus.com/bid/3827
-
http://online.securityfocus.com/archive/1/249026
Vendor Advisory
-
http://www.iss.net/security_center/static/7841.php
Vendor Advisory
-
http://www.kb.cert.org/vuls/id/575619
US Government Resource
Products affected by CVE-2002-0108
- cpe:2.3:a:allaire:forums:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:allaire:forums:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:allaire:forums:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:allaire:forums:2.0.4:*:*:*:*:*:*:*