Cross-Site Scripting Vulnerabilities in Microsoft W3Who ISAPI
CVE-2004-1133

Currently unrated

Key Information:

Vendor

Microsoft
Status
W3who.dll
Vendor
CVE Published:
10 January 2005

What is CVE-2004-1133?

Multiple XSS vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) enable remote attackers to inject arbitrary HTML and web scripts. This happens via manipulation of HTTP headers such as 'Connection' or by exploiting invalid parameters, subsequently reflected in error messages. It poses a significant risk as it allows attackers to execute malicious scripts in the context of a user’s session, compromising user data and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=full-disclosure&m=110234486823233&w=2
mailing-listx_refsource_FULLDISC
http://www.exaprobe.com/labs/advisories/esa-2004-1206.html
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/18375
vdb-entryx_refsource_XF

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.