CVE-2018-8426

Description

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

Affected products

• Microsoft / Microsoft SharePointEnterprise Server 2013 Service Pack 1 – Enterprise Server 2013 Service Pack 1
• Microsoft / Microsoft SharePointEnterprise Server 2016 – Enterprise Server 2016
• Microsoft / Microsoft SharePoint Server2010 Service Pack 2 – 2010 Service Pack 2

References

• MISChttp://www.securityfocus.com/bid/105208
• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8426
• MISChttp://www.securitytracker.com/id/1041640