Back to search
CVE-2002-1181
Published: Nov 2, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
iis-admin-pages-xss(10501)
vdb-entry
x_refsource_XF
6072
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:942
vdb-entry
signature
x_refsource_OVAL
N-011
third-party-advisory
government-resource
x_refsource_CIAC
6068
vdb-entry
x_refsource_BID
http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html
x_refsource_MISC
oval:org.mitre.oval:def:944
vdb-entry
signature
x_refsource_OVAL
MS02-062
vendor-advisory
x_refsource_MS
20021105 [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now