Vulnerabilities > Microsoft > Sharepoint Server > Low

DATE CVE VULNERABILITY TITLE RISK
2018-09-13 CVE-2018-8431 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-06-14 CVE-2018-8252 Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-06-14 CVE-2018-8254 Cross-site Scripting vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-05-09 CVE-2018-8149 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2010/2013/2016
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-05-09 CVE-2018-8155 Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-05-09 CVE-2018-8156 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Server
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint, Microsoft Project Server.
network
microsoft CWE-79
3.5
3.5
2018-05-09 CVE-2018-8168 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2010/2013
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-02-15 CVE-2018-0864 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2013/2016
SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web requests are handled, aka "Microsoft SharePoint Information Disclosure Vulnerability".
network
microsoft CWE-79
3.5
3.5
2017-09-13 CVE-2017-8629 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2013
Microsoft SharePoint Server 2013 Service Pack 1 allows an elevation of privilege vulnerability when it fails to properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint XSS Vulnerability".
network
microsoft CWE-79
3.5
3.5
2017-08-08 CVE-2017-8654 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2010
Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site scripting (XSS) vulnerability when it does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability".
network
microsoft CWE-79
3.5
3.5