Microsoft: >> Hotmail Security Vulnerabilities
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.
CVSS Score
10.0
EPSS Score
0.293
Published
2000-01-10
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
CVSS Score
7.5
EPSS Score
0.12
Published
2000-01-04
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.
CVSS Score
5.1
EPSS Score
0.027
Published
1999-09-13