Cross-Site Scripting Vulnerability in Microsoft FrontPage Server Extensions
CVE-2006-0015

Currently unrated

Key Information:

Vendor: Microsoft
Status: Sharepoint Team Services; Frontpage Server Extensions
Vendor: CVE Published:; 11 April 2006

Summary

A Cross-Site Scripting vulnerability exists in Microsoft FrontPage Server Extensions and SharePoint Team Services, where an attacker can exploit the system by injecting arbitrary web scripts or HTML into the application. This can occur via specific parameters in requests to the affected components. This vulnerability allows attackers to manipulate user interactions, potentially executing harmful scripts or creating unauthorized accounts, undermining the security integrity of the server.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25537

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/17452

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/430803/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

36% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 11, 2006
Vulnerability Reserved
Nov 9, 2005