Lucene search

K
cveMicrosoftCVE-2015-2522
HistorySep 09, 2015 - 12:59 a.m.

CVE-2015-2522

2015-09-0900:59:34
CWE-79
microsoft
web.nvd.nist.gov
49
cve
2015
2522
cross-site scripting
xss
vulnerability
microsoft sharepoint
foundation 2013
nvd

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

4.7

Confidence

High

EPSS

0.004

Percentile

74.1%

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka “Microsoft SharePoint XSS Spoofing Vulnerability.”

Affected configurations

Nvd
Node
microsoftsharepoint_foundationMatch2013sp1
VendorProductVersionCPE
microsoftsharepoint_foundation2013cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

4.7

Confidence

High

EPSS

0.004

Percentile

74.1%