Description In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. Remediation References CVE-1999-0278 Related Vulnerabilities WordPress Plugin WHIZZ Cross-Site Request Forgery (1.1) WordPress Plugin WP Ad Guru Lite Cross-Site Scripting (1.6.0) Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000170) WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7.2) Joomla! Core 1.6.0 Spam (1.6.0) Severity Medium Classification CVE-1999-0278 Tags Missing Update Known Vulnerabilities