Description

Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content Vulnerability."

Remediation

References

CVE-2014-2816

Related Vulnerabilities

WordPress Plugin Meteor Slides Cross-Site Scripting (1.5.6)

Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 )

WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.8.5.7)

ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4673)

Nginx Use After Free Vulnerability (CVE-2022-32414)

Severity

Critical

Classification

CVE-2014-2816 CWE-264

Tags

Missing Update Known Vulnerabilities