First published: Thu Apr 29 2010(Updated: )
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft SharePoint Server | =2007 | |
Microsoft Sharepoint Services | =3.0-sp2 | |
Microsoft Sharepoint Services | =3.0-sp2 | |
Microsoft Sharepoint Services | =3.0-sp1 | |
Microsoft Sharepoint Services | =3.0-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.