CVE-2011-1891
Summary
| CVE | CVE-2011-1891 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2011-09-15 12:26:00 UTC |
| Updated | 2018-10-12 22:01:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a request to a script, aka "Contact Details Reflected XSS Vulnerability." |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Sharepoint Foundation | 2010 | All | All | All |
| Application | Microsoft | Sharepoint Foundation | 2010 | sp1 | All | All |
| Application | Microsoft | Sharepoint Foundation | 2010 | All | All | All |
| Application | Microsoft | Sharepoint Foundation | 2010 | sp1 | All | All |
| Application | Microsoft | Sharepoint Services | 3.0 | sp2 | x32 | All |
| Application | Microsoft | Sharepoint Services | 3.0 | sp2 | x64 | All |
| Application | Microsoft | Sharepoint Services | 3.0 | sp2 | x32 | All |
| Application | Microsoft | Sharepoint Services | 3.0 | sp2 | x64 | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Microsoft Security Bulletin MS11-074 - Important | Microsoft Docs | MS | docs.microsoft.com | |
| US-CERT Technical Cyber Security Alert TA11-256A -- Microsoft Updates for Multiple Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.