CVE-2013-0083Cross-site Scripting in Microsoft Sharepoint Foundation

CWE-79Cross-site Scripting4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
44.1%
top 2.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Sharepoint FoundationMicrosoft Sharepoint Server
Timeline
PublishedMar 13
Latest updateMay 5

Description

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-g346-xv5g-x7c6: Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via cr2022-05-05
CVEList
CVE-2013-0083: Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via cr2013-03-13

🕵️Threat Intelligence

1
Zscaler
Zscaler found Multiple Security Vulnerabilities | 03-12-2013
CVE-2013-0083 — Cross-site Scripting in Microsoft | cvebase