Lucene search
HistoryNov 10, 2008 - 3:23 p.m.
CVE-2008-5026
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.2
Confidence
High
EPSS
0.006
Percentile
78.6%
Microsoft SharePoint uses URLs with the same hostname and port number for a web site’s primary files and individual users’ uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML documents.
Affected configurations
Node
microsoftsharepoint_server
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | sharepoint_server | * | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:* |
Related
zdt
zdt
SharePoint server cross site scripting vulnerability
2010-02-23 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2008-5026
2008-11-10 15:00:00
CVE-2010-0716
2010-02-26 19:00:00
prion
prion
Cross site scripting
2008-11-10 15:23:00
Cross site scripting
2010-02-26 19:30:00
packetstorm
packetstorm
SharePoint Server Cross Site Scripting
2010-02-23 00:00:00
cve
cve
CVE-2008-5026
2008-11-10 15:23:29
CVE-2010-0716
2010-02-26 19:30:00
nvd
nvd
CVE-2010-0716
2010-02-26 19:30:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.2
Confidence
High
EPSS
0.006
Percentile
78.6%
Related for NVD:CVE-2008-5026