Internet Information Services Other Vulnerability - CVE-2000-1104

Variant of the quotIIS Cross-Site Scriptingquot vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.