CVE-2012-1862 — Improper Input Validation in Microsoft Sharepoint Server

CWE-20 — Improper Input Validation3 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

7.0%

top 8.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Sharepoint Server

Timeline

PublishedJul 10

Latest updateMay 14

Description

Open redirect vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "SharePoint URL Redirection Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/sharepoint_server2007

🔴Vulnerability Details

GHSA

GHSA-63w6-2q84-7hfw: Open redirect vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 allows remote attackers to redirect users to arbitrary web sites an↗2022-05-14

▶

CVEList

CVE-2012-1862: Open redirect vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 allows remote attackers to redirect users to arbitrary web sites an↗2012-07-10

▶