The host is installed with Microsoft Office SharePoint Server 2007 Service Pack 2 or Microsoft Office SharePoint Server 2010 or SP1 or Microsoft Windows SharePoint Services 3.0 Service Pack 2 or SharePoint Foundation 2010 or SP1 and is prone to information disclosure vulnerability. A flaw is present in the applications where SafeHTML function does not properly validate HTML. Successful exploitation allows remote attackers to perform persistent cross-site scripting attacks against users of a site that is filtering HTML content via SafeHTML.