CVE-2010-3243

CVE Database · CVE-2010-3243

CVE-2010-3243

· MEDIUMModified

CVSS v3.1

4.3

EPSS

15.72%

Published

Oct 13, 2010

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-79CWE-79

Affected Products (17)

microsoft · sharepoint_servervulnerable

microsoft · sharepoint_servicesvulnerable

microsoft · internet_explorervulnerable

microsoft · windows_7

microsoft · windows_server_2003

microsoft · windows_server_2008

· windows_server_2008