Office Web Apps Security Vulnerabilities and Issues — Office Web Apps CVE List

Lucene search

MicrosoftOffice Web Apps

3 matches found

CVE•added 2012/07/10 9:55 p.m.•150 views

CVE-2012-1859

Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "...

4.3CVSS5.6AI score0.61898EPSS

CVE•added 2012/07/10 9:55 p.m.•132 views

CVE-2012-1861

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "SharePoint Script i...

4.3CVSS5.6AI score0.55935EPSS

CVE•added 2012/07/10 9:55 p.m.•69 views

CVE-2012-1860

Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or cause a denial of service (data modificatio...

5.5CVSS6.3AI score0.01445EPSS