Cross-Site Scripting (XSS) Vulnerabilities in Microsoft Internet Information Server (IIS) Administrative Web Pages

CVE-2002-1181 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.

Learn more about our Cis Benchmark Audit For Microsoft Iis.