Описание
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2015-6117.
Уязвимые конфигурации
EPSS
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2015-6117.
Уязвимость пакета корпоративных приложений Microsoft SharePoint Server, программного обеспечения для электронного документооборота Microsoft SharePoint Foundation, позволяющая нарушителю провести XSS-атаки и обойти существующие политики ограничения доступа
EPSS
5.4 Medium
CVSS3
3.5 Low
CVSS2