CVE-2000-0085

HIGH

7.5

CVSS Severity Score

EPSS Score0.0220%

EPSS Percentile12.85th

PublishedJan 4, 2000

Last ModifiedApr 16, 2026

Vulnerability Description

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.

Affected Platforms (CPE)

📦

Microsoft

Hotmail

All versions

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0085

Related Vulnerabilities

CVE-2000-008110.0

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by usin...

CVE-2017-169626.1

The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the ...

CVE-2014-58545.4

The Windows Live Hotmail PUSH mail (aka com.clearhub.wl) application 1.00.97 for Android does not verify X.509 certificates from S...

CVE-1999-07505.1

Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotma...