CVE-2018-8426

Summary

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft SharePoint Server2010 Service Pack 2affected
MicrosoftMicrosoft SharePointEnterprise Server 2013 Service Pack 1affected
MicrosoftMicrosoft SharePointEnterprise Server 2016affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References