Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2002-0187

Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."

  • Published: Jul 3, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-0187
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
microsoft / sql_server 2000-sp2 2000-sp2.x
microsoft / sql_server 2000 2000.x
microsoft / sql_server 2000-sp1 2000-sp1.x