Back
CVE-2001-1325
Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).
Published: Apr 20, 2001
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (4)
| Vendor | Product | Version |
|---|---|---|
| microsoft | internet_explorer | 5.0 |
| microsoft | internet_explorer | 5.5 |
| microsoft | outlook_express | 5.0 |
| microsoft | outlook_express | 5.5 |
References (6)
- http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com
- http://www.securityfocus.com/bid/2633 Exploit, Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6448
- http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com
- http://www.securityfocus.com/bid/2633 Exploit, Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6448
Risk Scores
CVSS Score
7.5 / 10
EPSS Score
12.36%
Top 6% most likely to be exploited
Threat Score
33.7 / 100
Data Sources
NVD
EPSS