CVE-2015-1633

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_foundation:2013:-:-:*:gold:*:*:*
cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2013:-:-:*:gold:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*

History

No history.

Information

Published : 2015-03-11 10:59

Updated : 2024-02-04 18:35


NVD link : CVE-2015-1633

Mitre link : CVE-2015-1633

CVE.ORG link : CVE-2015-1633


JSON object : View

Products Affected

microsoft

  • sharepoint_foundation
  • sharepoint_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')