Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
1.10%
Published
2016-12-20
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206.
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
17.50%
Published
2016-12-20
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS Vulnerability."
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
3.02%
Published
2016-11-10
Updated
2018-10-12
The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
3.1
EPSS Score
2.88%
Published
2016-11-10
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7280.
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
17.50%
Published
2016-12-20
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, aka "Microsoft Exchange Elevation of Privilege Vulnerability."
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
3.02%
Published
2016-09-14
Updated
2018-10-12
The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
5.3
EPSS Score
30.06%
Published
2016-07-13
Updated
2018-10-12
The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulnerability."
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
2.30%
Published
2016-06-16
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
4.31%
Published
2016-02-10
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, 2013 Cumulative Update 11, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability."
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
0.71%
Published
2016-01-13
Updated
2020-04-09
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-0029.
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
0.71%
Published
2016-01-13
Updated
2020-04-09
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability."
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
0.71%
Published
2016-01-13
Updated
2020-04-09
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-0031.
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
0.71%
Published
2016-01-13
Updated
2020-04-09
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2015-6117.
Source: Microsoft Corporation
Max CVSS
5.4
EPSS Score
0.12%
Published
2016-01-13
Updated
2018-10-12
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2016-0011.
Source: Microsoft Corporation
Max CVSS
6.1
EPSS Score
0.73%
Published
2016-01-13
Updated
2018-10-12
15 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!