Description

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

Remediation

References

CVE-2015-1633

Related Vulnerabilities

Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749)

WordPress Plugin Free Responsive Post/Article Author Section for WordPress-Ultimate Author Box Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.2)

Oracle Application Server Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0586)

WordPress Plugin WP Travel-Best Travel Booking, Tour Management Engine Cross-Site Request Forgery (4.4.6)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4342)

Severity

Low

Classification

CVE-2015-1633 CWE-707

Tags

Missing Update Known Vulnerabilities