CVE-2010-1257 vulnerability in Microsoft Products
Published on June 8, 2010

Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization.

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2010-1257

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Office Infopath

Microsoft Sharepoint Server

Microsoft Sharepoint Services

Exploit Probability

EPSS

36.87%

Percentile

97.06%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2010-1257 vulnerability in Microsoft ProductsPublished on June 8, 2010

Products Associated with CVE-2010-1257

Exploit Probability

CVE-2010-1257 vulnerability in Microsoft Products
Published on June 8, 2010