Description
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin s2Member Pro 'Coupon Code' Field HTML Injection (111216)
Oracle JRE CVE-2022-21434 Vulnerability (CVE-2022-21434)
WordPress Plugin WP Statistics Cross-Site Scripting (13.2.1)
e107 Other Vulnerability (CVE-2006-2591)
Envoy Proxy Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2024-32975)