Follow:

Vulnerability:Win/Sharepoint.URL.XSS!CVE-2011-1893

Severity rating
Important

Class/Type
Vulnerability

Discovered date
2011-09-13T00:00:00

Attack vector
Remote

Authentication required
No

Public exploits available
No

Signature detection
Medium



On this page




Description

A cross-site scripting, information disclosure, and elevation of privilege vulnerability exists in Microsoft SharePoint Server and Windows SharePoint Services where JavaScript that is encoded in a specially crafted URL can be is reflected back to the user in the resulting page, allowing an attacker to issue SharePoint commands in the context of the authenticated user on a targeted SharePoint site.



Impact

An attacker who successfully exploited this vulnerability they could reflect malicious JavaScript back to the browser of the user, which could allow the attacker to modify the page content, conduct phishing, and perform actions on behalf of the user.



Technical details (analysis)

This vulnerability is caused when input sanitation which will allow for a malicious URL that contains JavaScript elements to be displayed back to the user.



Affected software

Microsoft Office SharePoint Server 2010
Microsoft Windows SharePoint Services 2.0
Windows SharePoint Services 3.0 Service Pack 2 (32-bit versions)
Microsoft Windows SharePoint Services 3.0 Service Pack 2 (64-bit versions)
SharePoint Foundation 2010



Non-affected software

All applications not on the affected list.



References




Solutions




NIS signature

Name: Vulnerability:Win/Sharepoint.URL.XSS!CVE-2011-1893
Release Date: 2011-09-13T00:00:00



Known false positives

No known false positives at this time.



Work-arounds

Enable Internet Explorer 8 and Internet Explorer 9 XSS filter in the Local intranet security zone