CVE-2005-0049

Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache.

Published: May 2, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-0049
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / sharepoint_team_services	-	-
microsoft / sharepoint_portal_server	2003	2003.x
microsoft / sharepoint_portal_server	2003-sp1	2003-sp1.x

http://www.kb.cert.org/vuls/id/340409
http://www.us-cert.gov/cas/techalerts/TA05-039A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-006
https://exchange.xforce.ibmcloud.com/vulnerabilities/19091

Vulnerability Database

289,599

CVE-2005-0049