QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2000-1104

Back to search

CVE-2000-1104

Published: Dec 19, 2000

Modified: Aug 8, 2024

PUBLISHED

Description

Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.

VendorProductVersions

n/a

n/a

affected
n/a

References

MS00-060
vendor-advisory
x_refsource_MS

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now