Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft multiple applications crossite scripting
Published:12.04.2013
Source:
SecurityVulns ID:13008
Type:remote
Threat Level:
6/10
Description:Invalid characters sanitization.
Affected:MICROSOFT : InfoPath 2010
 MICROSOFT : SharePoint Server 2010
 MICROSOFT : SharePoint Foundation 2010
 MICROSOFT : Office Web Apps 2010
 MICROSOFT : Groove Server 2010
CVE:CVE-2013-1289 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability.")
Files:Microsoft Security Bulletin MS13-035 - Important Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod