|MS14-022||Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166)||Microsoft SharePoint||Critical||14-05-2014|
Brief overview of the risk:
The security update addresses the vulnerabilities by correcting how SharePoint Server and Web Applications sanitize specially crafted page content.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in Microsoft SharePoint Server. An attacker who successfully exploited this vulnerability could perform cross-site scripting attacks on affected systems and run script in the security context of the logged-on user.
Further information on this exploit is available at : MS14-022
Affected SoftwareMicrosoft SharePoint Server 2007
Microsoft SharePoint Server 2010
Microsoft SharePoint Server 2013