CVE-2002-0187
high
Microsoft CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
14.9%
Exploitation probability in 30 days
Top 5% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Vulnerability Report
Generated by CyberWatcher
Description
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."
CWE
NVD-CWE-OtherAffected Products
microsoft sql server