New Search

XSS in themeweb.aspx Vulnerability

oval:org.mitre.oval:def:14386

Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL aka "XSS in themeweb.aspx Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows Vista
  • Microsoft Windows 2000
  • Microsoft Windows 7
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows Server 2008 R2
Class:
vulnerability
Reference(s):
  • CVE-2012-0144
Product(s):
  • Microsoft SharePoint Server 2010
  • Microsoft SharePoint Foundation 2010