2 matches found
Microsoft SharePoint Callback Function Elevation of Privilege (MS13-024) - Ver2 (CVE-2013-0080)
An information disclosure and elevation of privilege vulnerability has been reported in Microsoft SharePoint. The vulnerability is due to an error in the way Microsoft SharePoint handles specially crafted URLs containing malicious JavaScript elements. A remote attacker may exploit this issue by...
CVE-2013-0080
CVE-2013-0080 affects Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1. A crafted URL vulnerability (Callback Function Vulnerability) lets remote attackers bypass read restrictions and hijack user accounts by enticing a target user to visit a malicious page. The issue arise...