← back
CVE-2002-0187

CVE-2002-0187

EPSS 13.9%
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21541unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0100.htmlhttp://marc.info/?l=bugtraq&m=102397345410856&w=2https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-030