The vulnerability of the Microsoft SharePoint Server software lies in the lack of measures taken to protect the structure of web pages, allowing attackers to execute cross-site scripting attacks.

🗓️ 07 Sep 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

The SharePoint Server vulnerability enables remote cross-site scripting due to website protection.

Reporter	Title	Published	Views	Family All 16
Circl	CVE-2010-0817	29 Apr 201000:00	–	circl
Check Point Advisories	Microsoft Office SharePoint Server help.aspx Cross Site Scripting (CVE-2010-0817)	2 May 201000:00	–	checkpoint_advisories
CVE	CVE-2010-0817	29 Apr 201021:00	–	cve
Cvelist	CVE-2010-0817	29 Apr 201021:00	–	cvelist
htbridge	Cross-site Scripting Vulnerability in Microsoft SharePoint Server 2007	12 Apr 201000:00	–	htbridge
NVD	CVE-2010-0817	29 Apr 201021:30	–	nvd
OpenVAS	Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vulnerability	14 Sep 201100:00	–	openvas
OpenVAS	Microsoft SharePoint Server 2007 XSS Vulnerability (MS10-039) - Active Check	14 Sep 201100:00	–	openvas
OpenVAS	Microsoft SharePoint '_layouts/help.aspx' XSS Vulnerability (MS10-039)	4 May 201000:00	–	openvas
OpenVAS	Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability	4 May 201000:00	–	openvas

Vulners

Node

microsoft microsoft_sharepointMatch2007

Source	Link
htbridge	www.htbridge.ch/advisory/xss_in_microsoft_sharepoint_server_2007.html
securityfocus	www.securityfocus.com/archive/1/511021/100/0/threaded
us-cert	www.us-cert.gov/cas/techalerts/TA10-159B.html
docs	www.docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-039
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7468
web	www.web.nvd.nist.gov/view/vuln/detail

30 Nov 2021 00:00Current

5.2Medium risk

Vulners AI Score5.2

CVSS 24.3

EPSS0.28707

SharePoint Server cross site scripting website protection remote exploitation