CVE-2002-0074

CVE Database · CVE-2002-0074

CVE-2002-0074

· N/AModified

CVSS v3.1

N/A

EPSS

33.79%

Published

Apr 22, 2002

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.

Affected Products (2)

microsoft · internet_information_servervulnerable

microsoft · internet_information_servicesvulnerable

References (20)

http://seclists.org/bugtraq/2002/Apr/0126.html

http://www.cert.org/advisories/CA-2002-09.html

US Government Resource

http://www.cgisecurity.com/advisory/9.txt

http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml

http://www.iss.net/security_center/static/8802.php

http://www.kb.cert.org/vuls/id/883091

US Government Resource

http://www.osvdb.org/3338

http://www.securityfocus.com/bid/4483

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A46

KEV Catalog EPSS Scores Vendors All CVEs