{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T12:04:41.032","vulnerabilities":[{"cve":{"id":"CVE-2001-0948","sourceIdentifier":"cve@mitre.org","published":"2001-12-04T05:00:00.000","lastModified":"2026-04-16T00:27:16.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:3.3:*:*:*:*:*:*:*","matchCriteriaId":"0325EEE5-AD5F-4262-A379-C6F4A8F6B4DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:3.4:*:*:*:*:*:*:*","matchCriteriaId":"DC9EDA8D-1427-4FFB-B6E5-44296B945F1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:3.5:*:*:*:*:*:*:*","matchCriteriaId":"847A5CCA-A8A1-4B07-B60F-69E0E56E9384"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:3.6:*:*:*:*:*:*:*","matchCriteriaId":"27251C41-296E-4635-9727-37D661080994"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:3.7:*:*:*:*:*:*:*","matchCriteriaId":"474EF0B1-2D23-4149-A47B-F928DDB1F570"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:3.8:*:*:*:*:*:*:*","matchCriteriaId":"D1DA047B-69A6-41D2-B98E-9753813F325F"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:3.9:*:*:*:*:*:*:*","matchCriteriaId":"5DB971CB-596A-4A53-A801-6934A64010E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:4.0:*:*:*:*:*:*:*","matchCriteriaId":"473714FE-2743-4144-8A02-29E5981A26D0"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:4.1:*:*:*:*:*:*:*","matchCriteriaId":"E49EE460-3930-45ED-B5C3-E7C72CECE122"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:4.2:*:*:*:*:*:*:*","matchCriteriaId":"8147DB94-C5FA-45FA-A601-3FF4D2F6C93E"},{"vulnerable":true,"criteria":"cpe:2.3:a:valicert:enterprise_validation_authority:4.2.1:*:*:*:*:*:*:*","matchCriteriaId":"D2FBC1CB-22E4-4C67-9EE5-547EA6B1673E"}]}]}],"references":[{"url":"http://marc.info/?l=bugtraq&m=100749428517090&w=2","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/3619","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.valicert.com/support/security_advisory_eva.html","source":"cve@mitre.org","tags":["Vendor Advisory","URL Repurposed"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/7650","source":"cve@mitre.org"},{"url":"http://marc.info/?l=bugtraq&m=100749428517090&w=2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/3619","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.valicert.com/support/security_advisory_eva.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory","URL Repurposed"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/7650","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}