CVE-2005-0049: XSS
First published: Mon May 02 2005(Updated: )
Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft SharePoint Team Services | ||
| Microsoft SharePoint Portal Server | =2003 | |
| Microsoft SharePoint Portal Server | =2003-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/microsoft
- vendor/sharepoint team services
- vendor/sharepoint portal server
- collector/nvd-index
- agent/references
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- agent/last-modified-date
- canonical/microsoft sharepoint team services
- canonical/microsoft sharepoint portal server
- version/microsoft sharepoint portal server/2003
- version/microsoft sharepoint portal server/2003-sp1