Microsoft SharePoint 'scriptresx.ashx'跨站脚本漏洞

Bugtraq ID:54312 CVE ID:CVE-2012-1859 Microsoft SharePoint Server是一款服务器功能集成套件，提供全面的内容管理和企业搜索、加速共享业务流程并便利跨界限信息共享。 Microsoft SharePoint Server scriptresx.ashx脚本存在一个跨站脚本漏洞，允许攻击者通过在URL中构建特制JavaScript元素，注入任意WEB脚本或HTML，可获得敏感信息或劫持用户会话。 0 Microsoft SharePoint Server 2010 Standard Edition Microsoft...

Microsoft SharePoint XSS scriptresx.ashx Elevation of Privilege (MS12-050; CVE-2012-1859)

An information disclosure and elevation of privilege vulnerability has been reported in Microsoft SharePoint...