| Vulnerability Name: | CVE-2010-0716 (CCN-56597) | ||||||||
| Assigned: | 2010-02-22 | ||||||||
| Published: | 2010-02-22 | ||||||||
| Updated: | 2018-10-10 | ||||||||
| Summary: | _layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading TXT files, a related issue to CVE-2008-5026. Note: the vendor disputes the significance of this issue, because cross-domain isolation can be implemented when needed. | ||||||||
| CVSS v3 Severity: | 2.6 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Mon Feb 22 2010 - 06:00:41 CST Hacktics Advisory Feb10: Persistent XSS in Microsoft SharePoint Portal Source: MITRE Type: CNA CVE-2010-0716 Source: MISC Type: Exploit http://www.hacktics.com/content/advisories/AdvMS20100222.html Source: CCN Type: Microsoft Office SharePoint Server Web site Microsoft Office SharePoint Server Source: BUGTRAQ Type: UNKNOWN 20100222 Hacktics Advisory Feb10: Persistent XSS in Microsoft SharePoint Portal Source: XF Type: UNKNOWN sharepoint-aspx-xss(56597) Source: XF Type: UNKNOWN sharepoint-aspx-xss(56597) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||