Cross-Site Scripting Vulnerability in Microsoft SharePoint Enterprise Server
CVE-2018-0799
6.1MEDIUM
What is CVE-2018-0799?
A cross-site scripting vulnerability exists in Microsoft Access when it improperly handles image field values in Microsoft SharePoint Enterprise Server 2013 and 2016. An attacker who successfully exploits this vulnerability could inject malicious script content into web pages viewed by users, potentially leading to unauthorized access to sensitive information or performing actions on behalf of unsuspecting users.
Affected Version(s)
Microsoft Access Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016