Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Prion
Prionadded 2012/06/12 10:55 p.m.17 views

Cross site scripting

The toStaticHTML API aka the SafeHTML component in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via a crafted...

4.3CVSS5.6AI score0.3827EPSS
Exploits6References6Affected Software3
NVD
NVDadded 2011/06/16 8:55 p.m.14 views

CVE-2011-1252

Cross-site scripting XSS vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint...

6.1CVSS5.4AI score0.13434EPSS
Exploits3References5
Check Point Advisories
Check Point Advisoriesadded 2011/06/14 12:0 a.m.1 views

Microsoft Internet Explorer toStaticHTML Cross-Site-Scripting (MS11-050; CVE-2011-1252)

An information disclosure vulnerability exists in the way that Internet Explorer handles content using specific strings when sanitizing HTML. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web...

4.3CVSS5.2AI score0.13434EPSS
Exploits3
Check Point Advisories
Check Point Advisoriesadded 2010/10/12 12:0 a.m.2 views

Microsoft Internet Explorer 8 toStaticHTML API Information Disclosure (MS10-072; CVE-2010-3243)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. An information disclosure vulnerability has been reported in the way that the toStaticHTML API sanitizes HTML. The vulnerability is due to the way that Internet Explorer handles content using specific...

4.3CVSS5.9AI score0.38075EPSS
Exploits0
Check Point Advisories
Check Point Advisoriesadded 2010/10/12 12:0 a.m.3 views

Internet Explorer toStaticHTML API Cross-Site-Scripting (MS10-072; CVE-2010-3324)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. An information disclosure vulnerability has been reported in the way that the toStaticHTML API sanitizes HTML. The vulnerability is due to the way that Internet Explorer handles content using specific...

4.3CVSS5.9AI score0.26442EPSS
Exploits2
Prion
Prionadded 2010/06/08 8:30 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or...

4.3CVSS5.7AI score0.36865EPSS
Exploits1References7Affected Software4
Rows per page
Query Builder