Arbitrary Script Execution via URL Redirect in IIS 4.0, 5.0, and 5.1

Arbitrary Script Execution via URL Redirect in IIS 4.0, 5.0, and 5.1

CVE-2002-0075 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.

Learn more about our Cis Benchmark Audit For Microsoft Iis.