Unrated severityNVD Advisory· Published Mar 11, 2015· Updated Jun 17, 2026
CVE-2015-1636
CVE-2015-1636
Description
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:microsoft:sharepoint_foundation:2013:-:-:*:gold:*:*:*+ 2 more
- cpe:2.3:a:microsoft:sharepoint_foundation:2013:-:-:*:gold:*:*:*
- cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*
- (no CPE)range: <=2013 SP1
cpe:2.3:a:microsoft:sharepoint_server:2013:-:-:*:gold:*:*:*+ 2 more
- cpe:2.3:a:microsoft:sharepoint_server:2013:-:-:*:gold:*:*:*
- cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*
- (no CPE)range: <=2013 SP1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.