SharePoint Server 2013 SP1

CVEs (7)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2015-6117	Microsoft Sharepoint Server	Med	0.40	6.1	0.01	Jan 13, 2016	Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature…
CVE-2016-0011	Microsoft Sharepoint Server	Med	0.35	5.4	0.01	Jan 13, 2016	Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature…
CVE-2014-2816	Microsoft Sharepoint Server		0.04	—	0.49	Aug 12, 2014	Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content…
CVE-2015-6039	Microsoft Sharepoint Server		0.01	—	0.07	Oct 14, 2015	Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Microsoft SharePoint Security…
CVE-2015-1653	Microsoft Sharepoint Server		0.01	—	0.10	Apr 14, 2015	Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 and SharePoint Server 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
CVE-2015-1636	Microsoft Sharepoint Server		0.01	—	0.08	Mar 11, 2015	Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
CVE-2014-1754	Microsoft Sharepoint Server		0.01	—	0.13	May 14, 2014	Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to inject arbitrary web script…

CVE-2015-6117MedJan 13, 2016
Microsoft
Sharepoint Server
risk 0.40cvss 6.1epss 0.01
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature…
CVE-2016-0011MedJan 13, 2016
Microsoft
Sharepoint Server
risk 0.35cvss 5.4epss 0.01
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature…
CVE-2014-2816Aug 12, 2014
Microsoft
Sharepoint Server
risk 0.04cvss —epss 0.49
Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content…
CVE-2015-6039Oct 14, 2015
Microsoft
Sharepoint Server
risk 0.01cvss —epss 0.07
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Microsoft SharePoint Security…
CVE-2015-1653Apr 14, 2015
Microsoft
Sharepoint Server
risk 0.01cvss —epss 0.10
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 and SharePoint Server 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
CVE-2015-1636Mar 11, 2015
Microsoft
Sharepoint Server
risk 0.01cvss —epss 0.08
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
CVE-2014-1754May 14, 2014
Microsoft
Sharepoint Server
risk 0.01cvss —epss 0.13
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to inject arbitrary web script…