PT-2000-1854 · Microsoft · Indexing Services
Publicado
2000-12-19
·
Atualizado
2018-10-12
·
CVE-2000-0942
CVSS v2.0
5.1
Média
| Vetor | AV:N/AC:H/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Microsoft Indexing Services for Windows 2000
Description
The issue allows remote attackers to conduct a cross-site scripting attack via a
CiRestriction parameter in a .htw request.Recommendations
For Microsoft Indexing Services for Windows 2000, consider restricting access to the CiWebHitsFile component until a patch is available. As a temporary workaround, avoid using the
CiRestriction parameter in .htw requests to minimize the risk of exploitation.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Indexing Services