CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-1859

Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "XSS scriptresx.ashx Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.619

EPSS Ranking 98.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.us-cert.gov/cas/techalerts/TA12-192A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-050
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15589
http://www.us-cert.gov/cas/techalerts/TA12-192A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-050
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15589

Products affected by CVE-2012-1859

Microsoft » Office Web Apps » Version: 2010

cpe:2.3:a:microsoft:office_web_apps:2010
Microsoft » Sharepoint Foundation » Version: 2010

cpe:2.3:a:microsoft:sharepoint_foundation:2010
Microsoft » Sharepoint Server » Version: 2010

cpe:2.3:a:microsoft:sharepoint_server:2010

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1859

Products

Pricing

Contact Us