MS15-036: Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege (3052044)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host is affected by multiple cross-site scripting

Description :

The remote Windows host has a version of Microsoft SharePoint Server
installed that is affected by multiple cross-site scripting
vulnerabilities due to improper sanitization of specially crafted
requests. An authenticated attacker can exploit these vulnerabilities
to access unauthorized content and execute arbitrary script code in
the context of the current user.

See also :

Solution :

Microsoft has released a set of patches for SharePoint Server 2010 and

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 82773 ()

Bugtraq ID: 73992

CVE ID: CVE-2015-1640

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now