01.22.2003 - MS03-002 : Cumulative Patch for Microsoft Content Management Server 2001 (810487)

A cross-site scripting flaw exists in one of these ASP pages. The flaw can permit an attacker to insert script in the data that is being sent to an MCMS server. Because the server generates a Web page in response to a user request that is made by using this page, the script may be embedded in the page that MCMS generates and returns to the user. If this occurs, the script may then be run when it is processed by the user’s browser. Because of this, attacker may be able to access information that the user shared with the legitimate site. - Download MCMS SRP2 English (Direct Link) - View Microsoft Security Bulletin MS03-002 - View End User Security Bulletin - View Microsoft Knowledge Base Article - 810487 - Visit Microsoft Corporation