Skip to main content

Microsoft SharePoint Multiple Vulnerabilities ( 13 October 2010 )

Last Update Date: 28 Jan 2011 Release Date: 13 Oct 2010 5412 Views

RISK: Medium Risk

1. HTML Sanitization Vulnerability

An information disclosure vulnerability exists in the way that HTML is filtered that could allow an attacker to perform cross-site scripting attacks and run script in the security context of the logged-on user.

2. HTML Sanitization Vulnerability

An information disclosure vulnerability exists in the way that the SafeHTML function sanitizes HTML. An attacker who successfully exploited this vulnerability could perform cross-site scripting attacks and run script in the security context of the logged-on user.


Impact

  • Information Disclosure

System / Technologies affected

  • Microsoft Windows SharePoint Services 3.0
  • Microsoft SharePoint Foundation 2010
  • Microsoft Office SharePoint Server 2007
  • Microsoft Groove Server 2010
  • Microsoft Office Web Apps

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch


Vulnerability Identifier


Source


Related Link