Intrusion Prevention

MS.SharePoint.Notes.XSS

Description

This indicates an attack attempt against a Cross-Site Scripting vulnerability in Microsoft SharePoint Server.
This vulnerability exists due to insufficient sanitizing of user input. It allows attackers to inject JavaScript code to potentially issue SharePoint commands in the context of another authenticated user.

Affected Products

Microsoft SharePoint Server 2016

Impact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user.