CVE-2002-0269 — Cross-site Scripting in Microsoft Internet Explorer
2 documents2 sources
Severity
7.5HIGHNVD
EPSS
4.2%
top 11.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 29
Latest updateApr 30
Description
Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4