CVE-2015-1633

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_foundation:2013:-:-:*:gold:*:*:*
cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2013:-:-:*:gold:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*

History

21 Nov 2024, 02:25

Type Values Removed Values Added
References () http://www.securitytracker.com/id/1031895 - () http://www.securitytracker.com/id/1031895 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-022 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-022 -

Information

Published : 2015-03-11 10:59

Updated : 2024-11-21 02:25


NVD link : CVE-2015-1633

Mitre link : CVE-2015-1633

CVE.ORG link : CVE-2015-1633


JSON object : View

Products Affected

microsoft

  • sharepoint_server
  • sharepoint_foundation
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')