MS.SharePoint.Notes.XSS
Description
This indicates an attack attempt against a Cross-Site Scripting vulnerability in Microsoft SharePoint Server.
This vulnerability exists due to insufficient sanitizing of user input. It allows attackers to inject JavaScript code to potentially issue SharePoint commands in the context of another authenticated user.
Affected Products
Microsoft SharePoint Server 2016
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user.
Recommended Actions
Apply the latest update from the vendor.
https://support.microsoft.com/en-us/help/3141486/ms17-002-description-of-the-security-update-for-sharepoint-server-2016
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-07-25 | 14.659 | Name:FG-VD-16-038_Microsoft. 0day:MS. SharePoint. Notes. XSS |