CVE-2001-1325

CVE Database · CVE-2001-1325

CVE-2001-1325

· N/AModified

CVSS v3.1

N/A

EPSS

27.29%

Published

Apr 20, 2001

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Internet Explorer 5.0/5.5 / OE 5.5 - XML Stylesheets Active Scripting TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).

Affected Products (4)

microsoft · internet_explorervulnerable

microsoft · outlook_expressvulnerable

References (6)

http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com

http://www.securityfocus.com/bid/2633

ExploitPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6448

http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com

http://www.securityfocus.com/bid/2633

ExploitPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6448

KEV Catalog EPSS Scores Vendors All CVEs