CVE Database · CVE-2002-0148
CVSS v3.1
N/A
EPSS
64.49%
Published
Apr 22, 2002
Modified
Apr 15, 2026
Public PoC / Exploit (2)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.
Affected Products (2)
References (18)
