CVE-2001-0658
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/09/2001
Last modified:
03/04/2025
Description
Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microsoft:isa_server:2000:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/3198
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-045
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6991
- http://www.securityfocus.com/bid/3198
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-045
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6991