exploitDog

CVE-2013-0083

Опубликовано: 13 мар. 2013

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."

Ссылки

http://www.us-cert.gov/ncas/alerts/TA13-071A
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-024
http://www.us-cert.gov/ncas/alerts/TA13-071A
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-024

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.44121

Средний

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-g346-xv5g-x7c6

github

почти 4 года назад

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."

EPSS

Процентиль: 97%

0.44121

Средний

4.3 Medium

CVSS2

Дефекты

CWE-79