Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
微软IIS跨站脚本攻击.shtml漏洞
Vulnerability Description
IIS 4.0和5.0版本存在一些漏洞,没有正确防止跨站脚本攻击(CSS)。恶意web网站操作员可以利用该漏洞在信任网站连接中嵌入脚本,这些脚本是由客户端错误信息未经引用而返回的,然后客户端就可以像信任网站一样在相同环境中执行这些脚本。该漏洞也称为“IIS Cross-Site Scripting”漏洞。
CVSS Information
N/A
Vulnerability Type
N/A