Microsoft : Security Vulnerabilities Published In 2013 (XSS)
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability."
| Max Base Score | 4.3 |
| Published | 2013-12-11 |
| Updated | 2019-06-01 |
| EPSS | 21.09% |
Cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x before 1.1.4 and 2.0.x before 2.0.1, and Visual Studio Team Foundation Server 2013, allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport protocol data, aka "SignalR XSS Vulnerability."
| Max Base Score | 4.3 |
| Published | 2013-12-11 |
| Updated | 2018-10-12 |
| EPSS | 7.51% |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."
| Max Base Score | 4.3 |
| Published | 2013-08-14 |
| Updated | 2018-10-12 |
| EPSS | 81.19% |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."
| Max Base Score | 4.3 |
| Published | 2013-09-11 |
| Updated | 2018-10-12 |
| EPSS | 75.49% |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
| Max Base Score | 4.3 |
| Published | 2013-09-11 |
| Updated | 2018-10-12 |
| EPSS | 15.22% |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS Character Encoding Vulnerability," a different vulnerability than CVE-2013-0015.
| Max Base Score | 4.3 |
| Published | 2013-07-10 |
| Updated | 2018-10-12 |
| EPSS | 78.70% |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability."
| Max Base Score | 4.3 |
| Published | 2013-04-09 |
| Updated | 2018-10-12 |
| EPSS | 91.66% |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."
| Max Base Score | 4.3 |
| Published | 2013-03-13 |
| Updated | 2018-10-12 |
| EPSS | 93.90% |
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0009.
| Max Base Score | 4.3 |
| Published | 2013-01-09 |
| Updated | 2018-10-12 |
| EPSS | 50.02% |
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0010.
| Max Base Score | 4.3 |
| Published | 2013-01-09 |
| Updated | 2018-10-12 |
| EPSS | 50.02% |
10 vulnerabilities found