This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
An application running on the remote web server has a cross-site
The version of Microsoft SharePoint Services running on the remote
host has a cross-site scripting vulnerability. Input sent to the
'cid0' parameter of '/_layouts/help.aspx' is not properly sanitized.
A remote attacker could exploit this by tricking a user into making a
malicious request, resulting in the execution of arbitrary script
See also :
Microsoft has released a set of patches for SharePoint Services.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true