Security Alerts




SharePoint Suffers from XSS and Information Disclosure Flaws

Summary: These vulnerabilities affect:  SharePoint Server, Groove Server, Office Web Apps, and InfoPath 2010, which are all part of Microsoft’s Office family products How an attacker exploits them:  Multiple vectors of attack, including luring your users to a malicious link, or by visiting a specific address on a vulnerable server Impact:  In the worst case, an attacker can elevate their privileges, gaining the ability to do anything the victim can on the affected server. What to do: Install the appropriate updates as soon as you can, or let Windows Update do it for you

Source:
SharePoint Suffers from XSS and Information Disclosure Flaws
April 9, 2013 — Category: Security Alerts