The host is installed with Microsoft Office SharePoint Server 2010 or SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present in the application which fails to properly validate user input. Successful exploitation allows remote attackers to disclose sensitive information.