Cross-Site Scripting Vulnerability in Microsoft Internet Information Server
CVE-2003-0223

Currently unrated

Key Information:

Vendor
Microsoft
Status
Internet Information Services
Internet Information Server
Vendor
CVE Published:
9 June 2003

Summary

A cross-site scripting vulnerability exists in the ASP function responsible for redirection within Microsoft Internet Information Server versions 4.0, 5.0, and 5.1. This flaw allows remote attackers to manipulate redirection messages, potentially embedding malicious URLs that execute scripts in the victim's browser. By exploiting this vulnerability, attackers can inject arbitrary scripts, compromising user data and session integrity.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.