Published: 13/09/2018 Updated: 02/11/2018

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft sharepoint enterprise server 2013 -
microsoft sharepoint server 2010 -
microsoft sharepoint enterprise server 2016 -

It's September 2018, and Windows VMs can pwn their host servers by launching an evil app

The Register • Shaun Nichols in San Francisco • 11 Sep 2018

Too smart? There's also an old-fashioned image file RCE Safari, Edge fans: Is that really the website you think you're visiting? URL spoof bug blabbed

Admins will again be working overtime as Microsoft and Adobe have posted their monthly scheduled security updates for September. This month's Patch Tuesday bundle includes critical fixes for Windows, SQL Server, and Hyper V, as well as Flash and Cold Fusion. In total, Microsoft addressed 61 CVE-listed vulnerabilities this month, including 23 that would potentially allow for remote code execution. One of the more noteworthy of those bugs is CVE-2018-8475, a remote code flaw that can be triggered ...

CVE-2018-8426

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect