CVE-2000-0942

CVE Database · CVE-2000-0942

CVE-2000-0942

· N/AModified

CVSS v3.1

N/A

EPSS

20.64%

Published

Dec 19, 2000

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Indexing Service (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.

Affected Products (1)

microsoft · indexing_servicevulnerable

References (8)

http://www.securityfocus.com/archive/1/141903

http://www.securityfocus.com/bid/1861

ExploitPatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-084

https://exchange.xforce.ibmcloud.com/vulnerabilities/5441

http://www.securityfocus.com/archive/1/141903

http://www.securityfocus.com/bid/1861

ExploitPatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-084

https://exchange.xforce.ibmcloud.com/vulnerabilities/5441

KEV Catalog EPSS Scores Vendors All CVEs