Cross-Site Scripting Vulnerability in Microsoft InfoPath, Communicator, and SharePoint Products
CVE-2012-2520

Currently unrated

Key Information:

Vendor

Microsoft
Status
Sharepoint Server
Lync
Groove Server
Office Communicator
Vendor
CVE Published:
9 October 2012

What is CVE-2012-2520?

A cross-site scripting (XSS) vulnerability exists in multiple Microsoft products, allowing remote attackers to inject arbitrary web scripts or HTML content through crafted input strings. This vulnerability affects various iterations of Microsoft InfoPath, Communicator, Lync, and SharePoint products, posing a significant risk to web application security by potentially compromising user sessions and executing malicious scripts within the user's browser.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/55797
vdb-entryx_refsource_BID
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.securitytracker.com/id?1027628
vdb-entryx_refsource_SECTRACK

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.