Vulnerabilities > Microsoft > Project Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-06-15 CVE-2017-8551 Cross-site Scripting vulnerability in Microsoft Project Server 2013
An elevation of privilege vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint XSS vulnerability".
network
microsoft CWE-79
4.3
4.3
2015-04-14 CVE-2015-1640 Cross-site Scripting vulnerability in Microsoft Project Server 2010/2013
Cross-site scripting (XSS) vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
network
microsoft CWE-79
4.3
4.3
2006-12-18 CVE-2006-6617 Information Disclosure vulnerability in Microsoft Project Server 2003
projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Password tags of the response.
network
low complexity
microsoft
6.5
6.5