Description

Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.

Remediation

References

CVE-2008-1888

Related Vulnerabilities

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40191)

PHP Other Vulnerability (CVE-2007-1883)

OpenVPN AS Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2017-5868)

Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844)

WordPress Plugin Project2App-Turn Your WordPress Site into an Android App Cross-Site Scripting (2.0.2)

Severity

Medium

Classification

CVE-2008-1888 CWE-707

Tags

Missing Update Known Vulnerabilities