VYPR

SharePoint Foundation 2013 SP1

by Microsoft

CVEs (10)

  • CVE-2016-0039MedFeb 10, 2016
    Microsoft
    Sharepoint Foundation
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

  • CVE-2015-6117MedJan 13, 2016
    Microsoft
    Sharepoint Server
    risk 0.40cvss 6.1epss 0.01

    Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature…

  • CVE-2017-0255MedMay 12, 2017
    Microsoft
    Sharepoint Foundation
    risk 0.35cvss 5.4epss 0.01

    Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability".

  • CVE-2016-0011MedJan 13, 2016
    Microsoft
    Sharepoint Server
    risk 0.35cvss 5.4epss 0.01

    Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature…

  • CVE-2014-2816Aug 12, 2014
    Microsoft
    Sharepoint Server
    risk 0.04cvss epss 0.49

    Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content…

  • CVE-2015-6039Oct 14, 2015
    Microsoft
    Sharepoint Server
    risk 0.01cvss epss 0.07

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Microsoft SharePoint Security…

  • CVE-2015-2522Sep 9, 2015
    Microsoft
    Sharepoint Foundation
    risk 0.01cvss epss 0.09

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka "Microsoft SharePoint XSS Spoofing Vulnerability."

  • CVE-2015-1653Apr 14, 2015
    Microsoft
    Sharepoint Server
    risk 0.01cvss epss 0.10

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 and SharePoint Server 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

  • CVE-2015-1636Mar 11, 2015
    Microsoft
    Sharepoint Server
    risk 0.01cvss epss 0.08

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."

  • CVE-2014-1754May 14, 2014
    Microsoft
    Sharepoint Server
    risk 0.01cvss epss 0.13

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to inject arbitrary web script…