What is CVE-2010-0817?

CVE-2010-0817 is a vulnerability in Microsoft Sharepoint_server, classified under Cross-site Scripting. Published 2010-04-29.

Is CVE-2010-0817 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Microsoft Sharepoint_server

CVE-2010-0817

Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.553 (98.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Sharepoint_server — versions 2007
Microsoft Sharepoint_services — versions 3.0
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

MS10-039 (x_refsource_MS, vendor-advisory)
20100428 XSS in Microsoft SharePoint Server 2007 (mailing-list, x_refsource_BUGTRAQ)
TA10-159B (US Government Resource, x_refsource_CERT, third-party-advisory)
oval:org.mitre.oval:def:7468 (x_refsource_OVAL, signature, vdb-entry)
secure@microsoft.com (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2010-0817?: CVE-2010-0817 is a vulnerability in Microsoft Sharepoint_server, classified under Cross-site Scripting. Published 2010-04-29.
Is CVE-2010-0817 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.