MS.SharePoint.App.Links.Notes.XSS
Description
This indicates an attack attempt against a persistent cross-site scripting vulnerability in Microsoft SharePoint Server.
This vulnerability exists due to insufficient sanitizing user input. It allows attackers to inject JavaScript code to potentially issue SharePoint commands in the context of another authenticated user.
Affected Products
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2013 Service Pack 1
Impact
Persistent Cross-Site Scripting vulnerability which allows attackers to inject malicious JavaScript code.
Recommended Actions
Apply the latest update from the vendor.
https://technet.microsoft.com/library/security/ms15-099
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |