Vulnerability Details CVE-2017-0107
Microsoft SharePoint Server fails to sanitize crafted web requests, allowing remote attackers to run cross-script in local security context, aka "Microsoft SharePoint XSS Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/96748
- http://www.securitytracker.com/id/1038019
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0107
- http://www.securityfocus.com/bid/96748
- http://www.securitytracker.com/id/1038019
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0107
Products affected by CVE-2017-0107
-
cpe:2.3:a:microsoft:sharepoint_foundation:2013