All articles tagged as:

sharepoint

MS15-099 - SharePoint XSS

Recently, during a review of SharePoint, I came across a vulnerability discovered by the Fortinet team and published on their blog here: https://blog.fortinet.com/post/sharepoint-2013-xss-vulnerability-discovered. The post contained information on what a successful exploit would look like, but provided no final exploit for verification or testing. After a bit of review, I found the following POC code which, when triggered, shows a simple alert dialog box: http"http://"http://onmouseover=alert(1);//" This vulnerability leverages SharePoint's ability to automatically create links for an entered UR…
