Check Point Advisories

Microsoft Share Point Picker Cross-Site Scripting (MS11-074)

Check Point Reference: CPAI-2011-117
Date Published: 13 Sep 2011
Severity: High
Last Updated: 1 Jan 2011
Source: Microsoft Security Bulletin MS11-074
Industry Reference:CVE-2011-1891
Protection Provided by:
Who is Vulnerable? SharePoint Server 2010
Vulnerability Description Multiple cross-site scripting vulnerabilities have been reported in Microsoft SharePoint Server. A remote attacker could exploit these vulnerabilities to execute a cross-site scripting attack that could allow him to issue commands in an affected SharePoint server.
Update/Patch AvaliableMicrosoft Security Bulletin MS11-074
Vulnerability DetailsThe vulnerabilities are due to insufficient validation of user input by an affected SharePoint server. An attacker can exploit these vulnerabilities by convincing unsuspecting users to open a specially crafted website. Successful exploitation will allow an attacker to issue SharePoint commands in an affected server, in the security context of the logged in user.

Protection Overview

×
  Feedback
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO