Lucene search

K

[email protected]NVD:CVE-2012-1861

HistoryJul 10, 2012 - 9:55 p.m.

CVE-2012-1861

2012-07-1021:55:05

CWE-79

[email protected]

web.nvd.nist.gov

6

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.839

Percentile

98.5%

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka “SharePoint Script in Username Vulnerability.”

Affected configurations

Nvd

Node

microsoftoffice_web_appsMatch2010

OR

microsoftoffice_web_appsMatch2010sp1

OR

microsoftsharepoint_foundationMatch2010

OR

microsoftsharepoint_foundationMatch2010sp1

OR

microsoftsharepoint_serverMatch2010

OR

microsoftsharepoint_serverMatch2010sp1

References

www.us-cert.gov/cas/techalerts/TA12-192A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-050

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15544

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.839

Percentile

98.5%

Related for NVD:CVE-2012-1861

prion1 checkpoint_advisories1 symantec1 cve1 cvelist1 securityvulns1 nessus1 openvas1 mskb1