XSS in Microsoft Office_sharepoint_server
CVE-2012-1863
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.413 (97.5th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Office_sharepoint_server — versions 2007
- Microsoft Sharepoint_foundation — versions 2010
- Microsoft Sharepoint_server — versions 2007
- Microsoft Sharepoint_services — versions 3.0
- N/a — versions n/a
Weakness classification (CWE)
References
- TA12-192A (US Government Resource, x_refsource_CERT, third-party-advisory)
- MS12-050 (x_refsource_MS, vendor-advisory)
- oval:org.mitre.oval:def:15689 (x_refsource_OVAL, signature, vdb-entry)