CVE-2011-1893

CVE Database · CVE-2011-1893

CVE-2011-1893

· N/AModified

CVSS v3.1

N/A

EPSS

16.77%

Published

Sep 15, 2011

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability."

Weaknesses (CWE)

CWE-79

Affected Products (5)

microsoft · sharepoint_foundationvulnerable

microsoft · sharepoint_servervulnerable

microsoft · sharepoint_servicesvulnerable

References (6)

http://www.us-cert.gov/cas/techalerts/TA11-256A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-074

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12676

http://www.us-cert.gov/cas/techalerts/TA11-256A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-074

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12676

KEV Catalog EPSS Scores Vendors All CVEs