toStaticHTML Information Disclosure VulnerabilityID: oval:org.mitre.oval:def:6677 | Date: (C)2010-06-08 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Vista |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Product: |
Microsoft Internet Explorer 8 |
Microsoft InfoPath 2003 |
Microsoft InfoPath 2007 |
Microsoft SharePoint Server 2007 |
Microsoft SharePoint Services 3.0 |