Description
A cross-site scripting and elevation of privilege vulnerability exists in SharePoint that allows attacker-controlled JavaScript to run in the context of the user clicking a link. This is an elevation of privilege vulnerability as it allows an anonymous attacker to potentially issue SharePoint commands in the context of an authenticated user on the site.
Remediation
Upgrade SharePoint to the latest version.
References
Related Vulnerabilities
WordPress Plugin WordPress Simple Shopping Cart Cross-Site Scripting (4.6.1)
WordPress Plugin All In One Favicon Cross-Site Scripting (4.6)
WordPress Plugin Popup by Supsystic Cross-Site Scripting (1.10.4)
WordPress Plugin WooCommerce Customers Manager Multiple Vulnerabilities (26.5)
WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.2.12)