Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-2520
HistoryOct 09, 2012 - 9:55 p.m.

CVE-2012-2520

2012-10-0921:55:00
CWE-79
[email protected]
web.nvd.nist.gov
27
cve-2012-2520
xss vulnerability
microsoft
infopath
communicator
lync
sharepoint
groove server
windows sharepoint services
sharepoint foundation
office web apps
remote attackers
html injection

5.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.223 Low

EPSS

Percentile

96.4%

JSON

Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1, Groove Server 2010 SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka “HTML Sanitization Vulnerability.”

Related

nessus 1
seebug 2
securityvulns 1
prion 1
openvas 1
nessus
nessus
MS12-066: Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517)
2012-10-10 00:00:00
seebug
seebug
Microsoft SharePoint和Microsoft Lync HTML过滤跨站脚本执行漏洞 (MS12-067)
2012-10-11 00:00:00
Microsoft多个产品HTML过滤组件跨站脚本执行漏洞(MS12-066)
2012-10-11 00:00:00
securityvulns
securityvulns
Multiple Microsoft web applications crossite scripting
2012-10-09 00:00:00
prion
prion
Cross site scripting
2012-10-09 21:55:00
openvas
openvas
Microsoft Products HTML Sanitisation Component XSS Vulnerability (2741517)
2012-10-10 00:00:00

5.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.223 Low

EPSS

Percentile

96.4%

JSON
Related for CVE-2012-2520
nessus1seebug2securityvulns1prion1openvas1