|
--=-cTejysJH5yh+/Od6YqMe
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
____ ____ __ __
/ \ / \ | | | |
----====####/ /\__\##/ /\ \##| |##| |####====----
| | | |__| | | | | |
| | ___ | __ | | | | |
------======######\ \/ /#| |##| |#| |##| |######======------
\____/ |__| |__| \______/
Computer Academic Underground
http://www.caughq.org
Security Advisory
===============/=======================================================Advisory ID: CAU-2008-0002
Release Date: 04/08/2008
Title: Microsoft Windows SharePoint Services Picture Source XSS
Application/OS: Microsoft Windows SharePoint Services 2.0
Topic: A stored Cross Site Scripting (XSS) attack is possible
in Microsoft SharePoint Services 2.0 via picture object
source when adding a picture object to a page.
Vendor Status: Not Notified
Attributes: XSS, Web Service, Microsoft Tuesday
Advisory URL: http://www.caughq.org/advisories/CAU-2008-0002.txt
Author/Email: OneIdBeagl3