Microsoft : Security Vulnerabilities, CVEs, Published In 2004 (XSS) CVSS score >= 2
Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks.
Max CVSS
4.3
EPSS Score
1.83%
Published
2004-12-31
Updated
2021-07-23
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts.
Max CVSS
6.8
EPSS Score
0.99%
Published
2004-05-04
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
Max CVSS
4.3
EPSS Score
96.20%
Published
2004-11-23
Updated
2020-04-09
3 vulnerabilities found