Description

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.

Remediation

References

CVE-2002-0148

Related Vulnerabilities

WordPress Plugin Simple Events Calendar SQL Injection (1.3.5)

WordPress Plugin Cart66 Pro Arbitrary File Disclosure (1.5.3)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5293)

WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10152)

Drupal Core 8.x.x Directory Traversal (8.0.0 - 8.5.15)

Severity

High

Classification

CVE-2002-0148

Tags

Missing Update Known Vulnerabilities