Russian Vulnerability Scanner Database

Back to List

CVE-2010-0817

Scores

EPSS

0.553medium55.3%
0%20%40%60%80%100%

Percentile: 55.3%

CVSS

4.3medium2.0
0246810

CVSS Score: 4.3/10

All CVSS Scores

CVSS 2.0
4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Description

Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

CWEs

CWE-79

Related Vulnerabilities

BDU:2021-04409

Exploits

Exploit ID: 12450

Source: exploitdb

URL: https://www.exploit-db.com/exploits/12450

Vulnerable Software (2)

Type: Configuration

Vendor: *

Product: sharepoint_server

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:microsoft:sharepoint_server:2007:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: sharepoint_services

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:microsoft:sharepoint_services:3.0:sp1:x32:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:microsoft:sharepoint_serv...

Source: nvd

End of list