CVE-2002-1181

3 documents3 sources
Severity
6.8MEDIUM
EPSS
12.1%
top 6.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Internet Information ServerMicrosoft Internet Information Services
Timeline
PublishedNov 12
Latest updateApr 30

Description

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

Patches

Patch: www.iss.netPatch: www.iss.net

🔴Vulnerability Details

2
GHSA
GHSA-rw5p-fw64-6p5x: Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 42022-04-30
CVEList
CVE-2002-1181: Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 42002-11-02
CVE-2002-1181 (MEDIUM CVSS 6.8) | Multiple cross-site scripting (XSS) | cvebase.io