Vulnerabilities > Microsoft > Sharepoint Enterprise Server > Low

DATE CVE VULNERABILITY TITLE RISK
2018-04-12 CVE-2018-1005 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-04-12 CVE-2018-1032 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2010/2013/2016
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-04-12 CVE-2018-1034 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-02-15 CVE-2018-0869 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016
SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
microsoft CWE-79
3.5
3.5
2017-10-13 CVE-2017-11775 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016
Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability".
network
microsoft CWE-79
3.5
3.5
2017-10-13 CVE-2017-11777 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016
Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability".
network
microsoft CWE-79
3.5
3.5
2017-10-13 CVE-2017-11820 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016
Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability".
network
microsoft CWE-79
3.5
3.5
2017-06-15 CVE-2017-8514 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016
An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint Reflective XSS Vulnerability".
network
microsoft CWE-79
3.5
3.5