What is CVE-2010-3243?

CVE-2010-3243 is a medium-severity vulnerability in Microsoft Internet_explorer, classified under Cross-site Scripting. CVSS score: 4.3/10. Published 2010-10-13.

How severe is CVE-2010-3243?

Medium severity. CVSS v3 base score is 4.3 out of 10.

XSS in Microsoft Internet_explorer

CVE-2010-3243

Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attacke…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.381 (97.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N.

Affected products

Microsoft Internet_explorer — versions 8
Microsoft Sharepoint_server — versions 2007
Microsoft Sharepoint_services — versions 3.0
Microsoft Windows_7
Microsoft Windows_server_2003
Microsoft Windows_server_2008 — versions r2
Microsoft Windows_vista
Microsoft Windows_xp
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

oval:org.mitre.oval:def:7637 (x_refsource_OVAL, signature, vdb-entry)
MS10-071 (x_refsource_MS, vendor-advisory)
MS10-072 (x_refsource_MS, vendor-advisory)
TA10-285A (US Government Resource, x_refsource_CERT, third-party-advisory)
secure@microsoft.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2010-3243?: CVE-2010-3243 is a medium-severity vulnerability in Microsoft Internet_explorer, classified under Cross-site Scripting. CVSS score: 4.3/10. Published 2010-10-13.
How severe is CVE-2010-3243?: Medium severity. CVSS v3 base score is 4.3 out of 10.