logo
DATABASE RESOURCES PRICING ABOUT US

Microsoft SharePoint Services Help.aspx 'cid0' Parameter XSS

Description

The version of Microsoft SharePoint Services running on the remote host has a cross-site scripting vulnerability. Input sent to the 'cid0' parameter of '/_layouts/help.aspx' is not properly sanitized. A remote attacker could exploit this by tricking a user into making a malicious request, resulting in the execution of arbitrary script code.


Related