CVE-2000-0746 in IISinfo

Zusammenfassung

von MITRE

Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Veröffentlichung

20.10.2000

Moderieren

akzeptiert

Eintrag

VDB-15888

CPE

bereit

CWE

CWE-80 (bestätigt)

CVSS

4.7 (VulDB)

EPSS

0.08553

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider, Agriculture, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2000-0746
NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-0746
CVE Details	https://www.cvedetails.com/cve/CVE-2000-0746/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!