Unrated severityNVD Advisory· Published Jan 18, 2001· Updated Apr 16, 2026

CVE-2001-1416

Description

Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags.

Affected products

AOL/Instant Messenger
cpe:2.3:a:aol:instant_messenger:4.4a:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/541384nvdUS Government Resource
www.kb.cert.org/vuls/id/JARL-56TPBQnvdUS Government Resource
www.windowsitpro.com/Articles/Index.cfmnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000