Vulnerability Details CVE-2001-0658
Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.117
EPSS Ranking 93.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/3198
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-045
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6991
- http://www.securityfocus.com/bid/3198
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-045
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6991
Products affected by CVE-2001-0658
-
cpe:2.3:a:microsoft:isa_server:2000