Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:23116
HistoryOct 21, 2011 - 12:00 a.m.

Microsoft SharePoint联系方式跨站脚本漏洞(CVE-2011-1891)

2011-10-2100:00:00
Root
www.seebug.org
13

0.607 Medium

EPSS

Percentile

97.5%

JSON

Bugtraq ID: 49005
CVE ID:CVE-2011-1891

Microsoft SharePoint Server是一款服务器功能集成套件,提供全面的内容管理和企业搜索、加速共享业务流程并便利跨界限信息共享。
通过联系方式传递的输入在返回用户之前缺少过滤,可导致跨站脚本攻击,允许攻击者通过合法用户账户执行恶意操作,如重定向用户到恶意站点或窃取用户敏感信息。

Microsoft SharePoint Services 64-bit 3.0 SP2
Microsoft SharePoint Services 3.0 SP2
Microsoft SharePoint Foundation 2010 SP1
Microsoft SharePoint Foundation 2010
用户可参考如下供应商提供的安全公告获得补丁信息:
http://technet.microsoft.com/en-us/security/bulletin/ms11-074

Related

prion 1
checkpoint_advisories 2
cve 1
openvas 2
nessus 1
mskb 1
securityvulns 1
prion
prion
Cross site scripting
2011-09-15 12:26:00
checkpoint_advisories
checkpoint_advisories
Microsoft Share Point Picker Cross-Site Scripting (MS11-074)
2011-09-13 00:00:00
Preemptive Protection against Microsoft SharePoint Server Multiple Cross Site Scripting Vulnerabilities (MS11-074)
2011-09-13 00:00:00
cve
cve
CVE-2011-1891
2011-09-15 12:26:00
openvas
openvas
Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
2011-09-14 00:00:00
Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
2011-09-14 00:00:00
nessus
nessus
MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858)
2011-09-14 00:00:00
mskb
mskb
MS11-074: Vulnerabilities in Microsoft SharePoint could allow elevation of privilege: September 13, 2011
2011-09-13 00:00:00
securityvulns
securityvulns
Microsoft Sharepoint multiple security vulnerabilities
2011-09-20 00:00:00

0.607 Medium

EPSS

Percentile

97.5%

JSON
Related for SSV:23116
prion1checkpoint_advisories2cve1openvas2nessus1mskb1securityvulns1