Microsoft : Security Vulnerabilities Published In 2003 (XSS)
Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.
Max Base Score
6.8
Published
2003-09-22
Updated
2016-10-18
EPSS
96.90%
Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.
Max Base Score
4.3
Published
2003-11-17
Updated
2020-04-09
EPSS
0.57%
Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages (1) 500.htm for "500 Internal Server error" or (2) 404.htm for "404 Not Found."
Max Base Score
6.8
Published
2003-08-18
Updated
2018-10-12
EPSS
3.18%
Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message.
Max Base Score
4.3
Published
2003-07-24
Updated
2021-07-23
EPSS
2.18%
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.
Max Base Score
6.8
Published
2003-06-09
Updated
2020-11-23
EPSS
1.90%
Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.
Max Base Score
6.8
Published
2003-03-07
Updated
2018-10-12
EPSS
4.98%
Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.
Max Base Score
6.8
Published
2003-02-07
Updated
2018-10-12
EPSS
1.37%
7 vulnerabilities found