Lucene search
MicrosoftCVE-2015-1640HistoryApr 14, 2015 - 8:59 p.m.
CVE-2015-1640
2015-04-1420:59:04
CWE-79
microsoft
web.nvd.nist.gov
51
microsoft
project server
xss
vulnerability
cve-2015-1640
nvd
security
sharepoint
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5
Confidence
High
EPSS
0.547
Percentile
97.7%
Cross-site scripting (XSS) vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka “Microsoft SharePoint XSS Vulnerability.”
Affected configurations
Node
microsoftproject_serverMatch2010sp2
ORmicrosoftproject_serverMatch2013sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | project_server | 2010 | cpe:2.3:a:microsoft:project_server:2010:sp2:*:*:*:*:*:* |
| microsoft | project_server | 2013 | cpe:2.3:a:microsoft:project_server:2013:sp1:*:*:*:*:*:* |
Related
openvas
openvas
Microsoft Project Server Elevation of Privilege Vulnerability (3052044)
2015-04-15 00:00:00
symantec
symantec
Microsoft SharePoint CVE-2015-1640 Cross Site Scripting Vulnerability
2015-04-14 00:00:00
prion
prion
Cross site scripting
2015-04-14 20:59:00
cvelist
cvelist
CVE-2015-1640
2015-04-14 20:00:00
nvd
nvd
CVE-2015-1640
2015-04-14 20:59:04
mskb
mskb
nessus
nessus
kaspersky
kaspersky
KLA10561 Code injection vulnerability in Microsoft Sharepoint
2015-04-14 00:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
Microsoft Office and Sharepoint multiple security vulnerabilities
2015-04-16 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5
Confidence
High
EPSS
0.547
Percentile
97.7%
Related for CVE-2015-1640