Cross-Site Scripting Vulnerability in Microsoft Content Management Server
CVE-2003-0002

Currently unrated

Key Information:

Vendor: Microsoft
Status: Content Management Server
Vendor: CVE Published:; 7 February 2003

Summary

The ManualLogin.asp script in Microsoft Content Management Server 2001 contains a cross-site scripting vulnerability that permits remote attackers to inject and execute arbitrary scripts through the REASONTXT parameter. This flaw can potentially lead to session hijacking, redirection to malicious sites, or unauthorized access to sensitive information, making it crucial for affected users to implement the necessary security patches.

References

http://www.securityfocus.com/bid/5922

vdb-entryx_refsource_BID

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://marc.info/?l=bugtraq&m=103417794800719&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 7, 2003
Vulnerability Reserved
Jan 2, 2003