CVE-2001-0523

2001-07-2704:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.7%

JSON

eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.

References

archives.neohapsis.com/archives/bugtraq/2001-05/0185.html

archives.neohapsis.com/archives/bugtraq/2001-05/0197.html

exchange.xforce.ibmcloud.com/vulnerabilities/6563

exchange.xforce.ibmcloud.com/vulnerabilities/6564