Description

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.

Remediation

References

CVE-2002-1181

Related Vulnerabilities

WordPress Plugin ALO EasyMail Newsletter Multiple Vulnerabilities (2.6.00)

WordPress Plugin Car Seller-Auto Classifieds Script SQL Injection (2.1.0)

Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)

WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)

SugarCRM Other Vulnerability (CVE-2006-2460)

Severity

Medium

Classification

CVE-2002-1181

Tags

Missing Update Known Vulnerabilities