XSS in Microsoft Sharepoint_foundation

CVE-2015-1633

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.079 (92.2th percentile) — read the EPSS interpretation.

Affected products

Microsoft Sharepoint_foundation — versions 2010, 2013
Microsoft Sharepoint_server — versions 2010, 2013
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

MS15-022 (x_refsource_MS, vendor-advisory)
1031895 (vdb-entry, x_refsource_SECTRACK)