CVE-2000-0746 in IISinformazioni

Riassunto

di MITRE

Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgazione

20/10/2000

Moderazione

accettato

Voce

VDB-15888

CPE

pronto

CWE

CWE-80 (confermato)

CVSS

4.7 (VulDB)

EPSS

0.08553

KEV

Attività

molto basso

Settore

Industry, Hospital, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2000-0746
NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-0746
CVE Details	https://www.cvedetails.com/cve/CVE-2000-0746/

◂ Precedente Visione D'ensemble Il prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!