Description

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.

Remediation

References

CVE-2002-1181

Related Vulnerabilities

Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)

WordPress Plugin Dbox 3D Slider Lite SQL Injection (1.2.2)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5705)

Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-10345)

WordPress Plugin WooCommerce PayPal Checkout Payment Gateway Parameter Tampering (1.6.8)

Severity

Medium

Classification

CVE-2002-1181

Tags

Missing Update Known Vulnerabilities