CVE-2005-0049

Published: May 2, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache.

Affected (3)

Products: Microsoft: Sharepoint Portal Server, Sharepoint Team Services

2 products

Sharepoint Portal Server

Sharepoint Team Services

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Sharepoint Portal Server	Version 2003
Microsoft Sharepoint Portal Server	Version 2003 sp1
Microsoft Sharepoint Team Services	All versions

References (8)

http://www.kb.cert.org/vuls/id/340409

Source: cve@mitre.org

PatchUS Government Resource

http://www.us-cert.gov/cas/techalerts/TA05-039A.html

Source: cve@mitre.org

PatchUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-006

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/19091

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/340409

Source: af854a3a-2127-422b-91ae-364da2661108

PatchUS Government Resource

http://www.us-cert.gov/cas/techalerts/TA05-039A.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-006

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/19091

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.