KLA10561
Code injection vulnerability in Microsoft Sharepoint
Updated: 06/01/2019
Detect date
?
04/14/2015
Severity
?
Warning
Description

An XSS vulnerabilities were found in Microsoft Sharepoint. By exploiting these vulnerabilities malicious users can inject arbitrary scripts. These vulnerabilities can be exploited remotely via a specially designed request.

Affected products

Microsoft SharePoint Server 2013 Service Pack 1
Microsoft SharePoint Server 2010 Service Pack 2

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS15-036
CVE-2015-1653
CVE-2015-1640

Impacts
?
CI 
[?]
Related products
Microsoft Sharepoint Server
CVE-IDS
?
CVE-2015-16534.3Warning
CVE-2015-16404.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

2965219
2965302
2965278