CVE-2000-0081

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1200%

EPSS Percentile32.79th

PublishedJan 10, 2000

Last ModifiedApr 16, 2026

Vulnerability Description

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.

Affected Platforms (CPE)

📦

Microsoft

Hotmail

All versions

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0081

Related Vulnerabilities

CVE-2000-00857.5

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOW...

CVE-2017-169626.1

The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the ...

CVE-2014-58545.4

The Windows Live Hotmail PUSH mail (aka com.clearhub.wl) application 1.00.97 for Android does not verify X.509 certificates from S...

CVE-1999-07505.1

Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotma...