Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Hotmail
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-0085 1 Microsoft 1 Hotmail 2024-11-20 7.5 HIGH N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
CVE-2000-0081 1 Microsoft 1 Hotmail 2024-11-20 10.0 HIGH N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.
CVE-1999-0750 1 Microsoft 1 Hotmail 2024-11-20 5.1 MEDIUM N/A
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.