Microsoft has issued a cumulative patch for Microsoft Content Management Server (MCMS) 2001.
MCMS is an Enterprise server product for developing and managing e-commerce sites. MCMS includes a number of pre-defined ASP web pages that allow web site operators to quickly set up e-business websites.
A Cross-Site Scripting flaw exists in one of these ASP pages that could allow an attacker to insert script into the data being sent to a MCMS server. This could result in an attacker being able to access information the user shared with the legitimate site.
For more information click here.