CVE-2002-1681

Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.

Published: Dec 31, 2002
Updated: Nov 9, 2025
CVE: CVE-2002-1681
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
open_source_development_network / slashcode	2.2.3	2.2.3.x
open_source_development_network / slashcode	2.2.5	2.2.5.x
open_source_development_network / slashcode	2.2.1	2.2.1.x
open_source_development_network / slashcode	2.2.2	2.2.2.x
open_source_development_network / slashcode	2.2.4	2.2.4.x

http://online.securityfocus.com/archive/1/280218
http://online.securityfocus.com/archive/1/280255
http://www.securityfocus.com/bid/5140
https://exchange.xforce.ibmcloud.com/vulnerabilities/9473

Vulnerability Database

CVE-2002-1681

Deep Security Visibility Without the Complexity