Description
Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by overclocking_a_la_abuela · textwebappsasp
https://www.exploit-db.com/exploits/21920
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5922
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-002
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103417794800719&w=2
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10318.php
Scores
EPSS
0.1036
EPSS Percentile
93.3%
Details
Status
published
Products (1)
microsoft/content_management_server
2001 (2 CPE variants)
Published
Feb 07, 2003
Tracked Since
Feb 18, 2026