CVE-2001-0948
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed.
| Software | From | Fixed in |
|---|---|---|
| valicert / enterprise_validation_authority | 3.6 | 3.6.x |
| valicert / enterprise_validation_authority | 3.3 | 3.3.x |
| valicert / enterprise_validation_authority | 4.0 | 4.0.x |
| valicert / enterprise_validation_authority | 3.8 | 3.8.x |
| valicert / enterprise_validation_authority | 4.2 | 4.2.x |
| valicert / enterprise_validation_authority | 4.1 | 4.1.x |
| valicert / enterprise_validation_authority | 4.2.1 | 4.2.1.x |
| valicert / enterprise_validation_authority | 3.5 | 3.5.x |
| valicert / enterprise_validation_authority | 3.4 | 3.4.x |
| valicert / enterprise_validation_authority | 3.9 | 3.9.x |
| valicert / enterprise_validation_authority | 3.7 | 3.7.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime