Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka “Microsoft SharePoint Security Feature Bypass,” a different vulnerability than CVE-2015-6117.
CPE | Name | Operator | Version |
---|---|---|---|
sharepoint_foundation | eq | 2013 sp1 | |
sharepoint_server | eq | 2013 sp1 |