Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 up to and including 5.1 allow remote malicious users to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet information server 4.0 |
||
microsoft internet information services 5.0 |