CVE-2005-0049

Currently unrated

Key Information:

Vendor: Microsoft
Status: Sharepoint Team Services; Sharepoint Portal Server
Vendor: CVE Published:; 2 May 2005

Summary

Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/19091

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/340409

third-party-advisoryx_refsource_CERT-VN

http://www.us-cert.gov/cas/techalerts/TA05-039A.html

third-party-advisoryx_refsource_CERT

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Jan 11, 2005

Collectors

NVD DatabaseMitre Database