Published: 15/06/2017 Updated: 14/03/2019
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 314
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint Reflective XSS Vulnerability".

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftSharepoint Enterprise Server2016

Github Repositories

bugbounty bugbountytips bughunting

No description, website, or topics provided.

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :

Recent Articles

Microsoft's June Patch Tuesday Fixes Two Vulnerabilities Used in Live Attacks
BleepingComputer • Catalin Cimpanu • 01 Jan 1970

Microsoft published today the June 2017 Patch Tuesday, which patches over 90 security flaws, including two vulnerabilities used in live attacks.
The first of these vulnerabilities is tracked as CVE-2017-8543. Microsoft describes the issue as following:
Patches for this flaw are available for all of Microsoft's operating systems, including old versions, such as XP and Server 2003.
The second vulnerability detected in live attacks is tracked as CVE-2017-8464 and Microsoft describ...