Vulnerabilities > CVE-2000-1104 - Unspecified vulnerability in Microsoft products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

NVD

Published: 2001-01-09

Updated: 2018-10-30

Summary

Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Information Services 5.0 Microsoft Internet Information Server 4.0	2

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060