CVE-2017-11775
N/A
N/A
Summary
Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability". This CVE ID is unique from CVE-2017-11777 and CVE-2017-11820.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Microsoft Corporation | Microsoft SharePoint Enterprise Server | Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 | affected |
Weaknesses
- Elevation of Privilege
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/101105
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11775
- http://www.securitytracker.com/id/1039540
References
- http://www.securityfocus.com/bid/101105
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11775
- http://www.securitytracker.com/id/1039540
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.