2 matches found
CVE-2018-0799
CVE-2018-0799 is a cross-site scripting (XSS) vulnerability in Microsoft Access within SharePoint Server 2013 SP1 and SharePoint Server 2016, caused by improper sanitization of image field values edited in Design view. Exploitation can allow JavaScript execution in the victim’s browser, potential...
Security Update for Microsoft SharePoint Server (January 2018)
The Microsoft SharePoint Server or Microsoft Project Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities : - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a...