Unrated severityNVD Advisory· Published Jan 9, 2001· Updated Jun 16, 2026
CVE-2000-1104
CVE-2000-1104
Description
Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.