Microsoft : Security Vulnerabilities, CVEs, Published In 2004 (XSS) CVSS score >= 2

CVE-2004-2704

Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks.
Max CVSS
4.3
EPSS Score
1.83%
Published
2004-12-31
Updated
2021-07-23

CVE-2004-0379

Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts.
Max CVSS
6.8
EPSS Score
0.99%
Published
2004-05-04
Updated
2017-07-11

CVE-2004-0203

Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
Max CVSS
4.3
EPSS Score
96.20%
Published
2004-11-23
Updated
2020-04-09
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close