← CVECheck
HomeVulnerabilities

CVE-2002-2073 — MEDIUM severity vulnerability (Cross-site scripting (XSS) vulnerability in the default ASP)

Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.

CVE IDCVE-2002-2073
SeverityMEDIUM
CVSS score4.3
CVSS vectorAV:N/AC:M/Au:N/C:N/I:P/A:N
CWENVD-CWE-Other
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionCross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →