CVE-2011-1264 in Windowsinfo

Summary

Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Active Directory Certificate Services Vulnerability."

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

03/04/2011

Disclosure

06/16/2011

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79

CVSS

6.3

EPSS

0.01880

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1264
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1264
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1264/

◂ Previous Overview Next ▸