Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft SharePoint multiple XSS
Published:15.02.2012
Source:
SecurityVulns ID:12203
Type:remote
Threat Level:
5/10
Description:XSS in different pages.
Affected:MICROSOFT : SharePoint Server 2010
 MICROSOFT : SharePoint Foundation 2010
CVE:CVE-2012-0145 (Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in wizardlist.aspx Vulnerability.")
 CVE-2012-0144 (Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in themeweb.aspx Vulnerability.")
 CVE-2012-0017 (Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in inplview.aspx Vulnerability.")
Files:Microsoft Security Bulletin MS12-011 - Important Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod