Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2015-6117

šŸ—“ļøĀ 13 Jan 2016Ā 05:59:00Reported byĀ [email protected]TypeĀ 
nvd
Ā nvdšŸ”—Ā web.nvd.nist.govšŸ‘Ā 17Ā Views

Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass Access Control Policy restrictions and conduct cross-site scripting attacks by modifying a webpart

Related
Detection
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability in the Microsoft SharePoint Server corporate application suite, a software solution for electronic document management called Microsoft SharePoint Foundation, allows attackers to carry out XSS attacks and circumvent existing access control policies.
21 Jan 201600:00
ā€“bdu_fstec
CNVD		Microsoft SharePoint Server Security Mechanism Bypass Vulnerability
15 Jan 201600:00
ā€“cnvd
CVE		CVE-2015-6117
13 Jan 201602:00
ā€“cve
CVE		CVE-2016-0011
13 Jan 201602:00
ā€“cve
Cvelist		CVE-2015-6117
13 Jan 201602:00
ā€“cvelist
EUVD		EUVD-2015-6060
7 Oct 202500:30
ā€“euvd
Microsoft KB		MS16-004: Security Update for Microsoft Office to Address Remote Code Execution: January 12, 2016
12 Jan 201600:00
ā€“mskb
Kaspersky		KLA10738 Multiple vulnerabilities in Microsoft Office
12 Jan 201600:00
ā€“kaspersky
OpenVAS		Microsoft SharePoint Server and Foundation Multiple Vulnerabilities (3124585)
13 Jan 201600:00
ā€“openvas
Prion		Security feature bypass
13 Jan 201605:59
ā€“prion
Rows per page
NVD
Node
microsoftsharepoint_foundationMatch2013sp1
OR
microsoftsharepoint_serverMatch2013sp1

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 May 2026 22:30Current
5.2Medium risk
Vulners AI Score5.2
CVSS 24.3
CVSS 36.1
EPSS0.01188
CWE-79
sharepoint serverremote authenticated usersaccess control policycross-site scriptingwebpart modification
17