CVE-2008-1888: XSS
First published: Fri Apr 18 2008(Updated: )
Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft SharePoint Server 2010 | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-1888?
The severity of CVE-2008-1888 is considered medium due to the potential for injection of arbitrary web scripts.
How do I fix CVE-2008-1888?
To fix CVE-2008-1888, apply the appropriate security updates or patches provided by Microsoft for SharePoint Services.
What is the impact of CVE-2008-1888?
The impact of CVE-2008-1888 allows remote attackers to execute arbitrary HTML or script code in the context of an affected user's browser.
Who is affected by CVE-2008-1888?
CVE-2008-1888 affects users of Microsoft Windows SharePoint Services version 2.0.
Can CVE-2008-1888 be exploited remotely?
Yes, CVE-2008-1888 can be exploited remotely by attackers to inject malicious content.
- agent/softwarecombine
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/weakness
- vendor/microsoft
- canonical/microsoft sharepoint server 2010
- version/microsoft sharepoint server 2010/2.0