Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Internet Information Services Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2002-1700 - Vulnerability Database
Internet Information Services

Internet Information Services Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2002-1700

Medium
Reference: CVE-2002-1700
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2002-1700
Title: Internet Information Services Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template which is not filtered in the resulting 404 error message.