6.8 Medium
AI Score
Confidence
High
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.95 High
EPSS
Percentile
99.3%
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the βIndexing Services Cross Site Scriptingβ vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:indexing_service | microsoft indexing service | eq | * |