Microsoft SharePoint 2007/2010 – ‘Source’ Multiple Open Redirections - 体验盒子

作者： Irene Abezgauz

日期： 2011-09-14

类别：

webapps

平台：

asp

来源：https://www.exploit-db.com/exploits/36134/

source: https://www.securityfocus.com/bid/49620/info

Microsoft SharePoint is prone to multiple URI open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.

Successful exploits may redirect a user to a potentially malicious site; this may aid in phishing attacks.

The following products are affected;

Microsoft SharePoint 2007
Microsoft SharePoint 2010 

http://www.example.com/Docs/Lists/Announcements/NewForm.aspx?Source=[xss]