Description

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.

Remediation

References

CVE-2002-0148

Related Vulnerabilities

WordPress Plugin iSlidex TimThumb Arbitrary File Upload (2.7)

Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12529)

WordPress Plugin WP-Table Reloaded Cross-Site Scripting (1.9.3)

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)

Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5609)

Severity

High

Classification

CVE-2002-0148

Tags

Missing Update Known Vulnerabilities