Microsoft » Sharepoint Foundation : Security Vulnerabilities, CVEs, Published In 2016 (XSS)

CVE-2016-0039

Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
Max CVSS
6.1
EPSS Score
4.31%
Published
2016-02-10
Updated
2018-10-12

CVE-2016-0011

Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2015-6117.
Max CVSS
5.4
EPSS Score
0.12%
Published
2016-01-13
Updated
2018-10-12

CVE-2015-6117

Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2016-0011.
Max CVSS
6.1
EPSS Score
0.73%
Published
2016-01-13
Updated
2018-10-12
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close