CVE-2002-0187

N/A

Description

Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."

CVE Details

CVSS v3.1 ScoreN/A

Published7/3/2002

Last Modified4/16/2026

Sourcenvd

Honeypot Sightings0

Affected Products

microsoft:sql_server

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0100.html(cve@mitre.org)

http://marc.info/?l=bugtraq&m=102397345410856&w=2(cve@mitre.org)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-030(cve@mitre.org)

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0100.html(af854a3a-2127-422b-91ae-364da2661108)

http://marc.info/?l=bugtraq&m=102397345410856&w=2(af854a3a-2127-422b-91ae-364da2661108)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-030(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.