Microsoft SharePoint 2007/2010 - 'Source' Multiple Open Redirections



EKU-ID: 40698 CVE: OSVDB-ID:
Author: Irene Abezgauz Published: 2011-09-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/49620/info

Microsoft SharePoint is prone to multiple URI open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.

Successful exploits may redirect a user to a potentially malicious site; this may aid in phishing attacks.

The following products are affected;

Microsoft SharePoint 2007
Microsoft SharePoint 2010

http://www.example.com/Docs/Lists/Announcements/NewForm.aspx?Source=[xss]