CVE-2002-1126

CVE-2002-1126 is a low-severity vulnerability in Galeon Galeon Browser with a CVSS 2.0 base score of 2.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.

Frequently asked questions

What is CVE-2002-1126?
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.
How severe is CVE-2002-1126?
CVE-2002-1126 has a CVSS 2.0 base score of 2.6, rated low severity.
Is CVE-2002-1126 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (72nd percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2002-1126?
CVE-2002-1126 primarily affects Galeon Galeon Browser. In total, 12 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2002-1126?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2002-1126 published?
CVE-2002-1126 was published on 2002-09-24 and last updated on 2026-06-16.

References

Affected products (12)

More vulnerabilities in Galeon Galeon Browser

All CVEs affecting Galeon Galeon Browser →