VYPR

Windows SharePoint Services 3.0 SP2

by Microsoft

CVEs (9)

  • CVE-2010-3243MedOct 13, 2010
    risk 0.29cvss 4.3epss 0.16

    Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or…

  • CVE-2007-2581May 9, 2007
    risk 0.06cvss epss 0.36

    Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) in "every main page," as…

  • CVE-2010-3324Sep 17, 2010
    risk 0.05cvss epss 0.25

    The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the…

  • CVE-2008-1888Apr 18, 2008
    risk 0.04cvss epss 0.08

    Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.

  • CVE-2012-1863Jul 10, 2012
    risk 0.02cvss epss 0.23

    Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a…

  • CVE-2010-1264Jun 8, 2010
    risk 0.02cvss epss 0.24

    Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeated restarts of the application pool, aka "Sharepoint Help Page Denial of Service…

  • CVE-2005-0049May 2, 2005
    risk 0.02cvss epss 0.20

    Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache.

  • CVE-2011-1893Sep 15, 2011
    risk 0.01cvss epss 0.17

    Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability."

  • CVE-2011-1891Sep 15, 2011
    risk 0.01cvss epss 0.17

    Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a request to a script, aka "Contact Details…