Published: 15/06/2017 Updated: 14/03/2019

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint Reflective XSS Vulnerability".

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft sharepoint enterprise server 2016

Check Point Reference: CPAI-2017-1825 Date Published: 26 Mar 2024 Severity: Medium ...

Contents Cross Site Scripting (XSS) Cross Site Request Forgery (CSRF) Clickjacking (UI Redressing Attack) Local File Inclusion (LFI) Subdomain Takeover Denial of Service (DOS) Authentication Bypass SQL injection 2FA Related issues CORS Related issues Server Side Request Forgery (SSRF) Race Condition Remote Code Execution (RCE) Contributing Maintainers Cross Site Scripting (XS

Contents Cross Site Scripting (XSS) Cross Site Request Forgery (CSRF) Clickjacking (UI Redressing Attack) Local File Inclusion (LFI) Subdomain Takeover Denial of Service (DOS) Authentication Bypass SQL injection 2FA Related issues CORS Related issues Server Side Request Forgery (SSRF) Race Condition Remote Code Execution (RCE) Contributing Cross Site Scripting (XSS) From P5

CWE-79 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8514 http://www.securityfocus.com/bid/98831 http://www.securitytracker.com/id/1038663 https://nvd.nist.gov https://github.com/xbl3/Awesome-Bugbounty-Writeups_devanshbatham https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2017-1825.html

CVE-2017-8514

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect