CVE-2005-0049

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache.

Ссылки

http://www.kb.cert.org/vuls/id/340409
Patch
US Government Resource
http://www.us-cert.gov/cas/techalerts/TA05-039A.html
Patch
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-006
https://exchange.xforce.ibmcloud.com/vulnerabilities/19091
http://www.kb.cert.org/vuls/id/340409
Patch
US Government Resource
http://www.us-cert.gov/cas/techalerts/TA05-039A.html
Patch
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-006
https://exchange.xforce.ibmcloud.com/vulnerabilities/19091

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:sharepoint_portal_server:2003:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:sharepoint_portal_server:2003:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:sharepoint_team_services:*:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.24059

Средний

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2m6m-4m28-hxfc

github

почти 4 года назад