CVE-2001-0658

Currently unrated

Key Information:

Vendor: Microsoft
Status: Isa Server
Vendor: CVE Published:; 20 September 2001

Summary

Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://exchange.xforce.ibmcloud.com/vulnerabilities/6991

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/3198

vdb-entryx_refsource_BID

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 20, 2001
Vulnerability Reserved
Aug 15, 2001

Collectors

NVD DatabaseMitre Database