← Back to CVEs
CVE-2002-1700
N/ADescription
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
CVE Details
CVSS v3.1 ScoreN/A
Published12/31/2002
Last Modified4/16/2026
Sourcenvd
Honeypot Sightings0
Affected Products
macromedia:coldfusionmicrosoft:internet_information_servicesmicrosoft:windows_2000
Weaknesses (CWE)
CWE-79
References
http://online.securityfocus.com/archive/1/277487(cve@mitre.org)
http://www.macromedia.com/v1/Handlers/index.cfm?ID=23047(cve@mitre.org)
http://www.securityfocus.com/bid/5011(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/9360(cve@mitre.org)
http://online.securityfocus.com/archive/1/277487(af854a3a-2127-422b-91ae-364da2661108)
http://www.macromedia.com/v1/Handlers/index.cfm?ID=23047(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/5011(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/9360(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.