) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2011-1890 |
Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via a post, aka "Editform Script Injection Vulnerability." Published: September 15, 2011; 8:26:48 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2011-0653 |
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010, allows remote attackers to inject arbitrary web script or HTML via the URI, aka "XSS in SharePoint Calendar Vulnerability." Published: September 15, 2011; 8:26:48 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2009-5092 |
Cross-site scripting (XSS) vulnerability in the management interface in Microsoft FAST ESP 5.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: September 12, 2011; 8:40:39 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2008-5026 |
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML documents. Published: November 10, 2008; 10:23:29 AM -0500 |
V3.x:(not available) V2.0: 3.5 LOW |