header-logo
Suggest Exploit
vendor:
SharePoint
by:
Unknown
5.8
CVSS
MEDIUM
URI Open-Redirection
601
CWE
Product Name: SharePoint
Affected Version From: Microsoft SharePoint 2007
Affected Version To: Microsoft SharePoint 2010
Patch Exists: YES
Related CWE: CVE-2011-0661
CPE: a:microsoft:sharepoint_server:2007, cpe:/a:microsoft:sharepoint_server:2010
Metasploit:
Other Scripts:
Platforms Tested: Windows
2011

Multiple URI Open-Redirection Vulnerabilities in Microsoft SharePoint

Microsoft SharePoint is prone to multiple URI open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input. Successful exploits may redirect a user to a potentially malicious site; this may aid in phishing attacks.

Mitigation:

To mitigate these vulnerabilities, it is recommended to apply the latest security patches provided by Microsoft.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/49620/info

Microsoft SharePoint is prone to multiple URI open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.

Successful exploits may redirect a user to a potentially malicious site; this may aid in phishing attacks.

The following products are affected;

Microsoft SharePoint 2007
Microsoft SharePoint 2010 

http://www.example.com/Docs/Lists/Announcements/NewForm.aspx?Source=[xss]

Navigation

Suggest Exploit

Services By CQR