Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.
References
Configurations
History
21 Nov 2024, 00:45
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.caughq.org/advisories/CAU-2008-0002.txt - | |
References | () http://www.securityfocus.com/archive/1/490624/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/28706 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/41934 - |
Information
Published : 2008-04-18 21:05
Updated : 2024-11-21 00:45
NVD link : CVE-2008-1888
Mitre link : CVE-2008-1888
CVE.ORG link : CVE-2008-1888
JSON object : View
Products Affected
microsoft
- sharepoint_server
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')