CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

seebug.org•added 2011/10/21 12:0 a.m.•31 views

Microsoft SharePoint联系方式跨站脚本漏洞(CVE-2011-1891)

Bugtraq ID: 49005 CVE ID：CVE-2011-1891 Microsoft SharePoint Server是一款服务器功能集成套件，提供全面的内容管理和企业搜索、加速共享业务流程并便利跨界限信息共享。通过联系方式传递的输入在返回用户之前缺少过滤，可导致跨站脚本攻击，允许攻击者通过合法用户账户执行恶意操作，如重定向用户到恶意站点或窃取用户敏感信息。 Microsoft SharePoint Services 64-bit 3.0 SP2 Microsoft SharePoint Services 3.0 SP2 Microsoft SharePoint...

4.3CVSS6.4AI score0.16774EPSS

Exploits1

CVE•added 2011/09/15 10:0 a.m.•71 views

CVE-2011-1891

CVE-2011-1891 is a Cross-site scripting (XSS) vulnerability in Microsoft SharePoint components: Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold/SP1. The issue arises from unfiltered input in a request to a script, allowing remote attackers to inject arbitrary web script o...

4.3CVSS5.1AI score0.16774EPSS

Exploits1References3Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by