CVE-1999-1167

CVSS 2.0 Score 6.4 of 10 (medium)

Details

Published Dec 31, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1167 is a cross-site scripting (XSS) vulnerability affecting the Third Voice Web annotation utility. Malicious users can exploit this issue by injecting malicious JavaScript into annotations, which allows them to read sensitive data and create fake web pages for other Third Voice users. This vulnerability poses a significant risk as it enables unauthorized access and data manipulation. Attackers can use this to steal credentials, install malware, or carry out phishing attacks. Users are advised to avoid clicking on suspicious annotations and keep their Third Voice applications updated to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlVpr
https://www.cve.org/CVERecord?id=CVE-1999-1167
https://nvd.nist.gov/vuln/detail/CVE-1999-1167

Back to Vulnerability Database

CVE-1999-1167

CVSS 2.0 Score 6.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations