Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability

Summary
This host is running Microsoft SharePoint Server and is prone to Cross Site Scripting vulnerability.
Impact
Successful exploitation will allow remote authenticated users to compromise the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data. Impact Level: Application
Solution
Apply the patch from below link http://technet.microsoft.com/en-us/security/bulletin/MS10-039
Insight
This flaw is due to insufficient validation of user supplied data passed into 'cid0' parameter in the '_layouts/help.aspx' in SharePoint Team Services.
Affected
Microsoft Windows SharePoint Services 3.0 SP 1 Microsoft Office SharePoint Server SP1 2007 12.0.0.6421 and prior.
References