Description

Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to conduct clickjacking attacks via a crafted web page, aka "Parameter Injection Vulnerability."

Remediation

References

CVE-2013-3895

Related Vulnerabilities

TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23494)

Oracle JRE CVE-2018-2603 Vulnerability (CVE-2018-2603)

MySQL Other Vulnerability (CVE-2010-3681)

Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735)

Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)

Severity

Medium

Classification

CVE-2013-3895 CWE-264

Tags

Missing Update Known Vulnerabilities