CVE Database · CVE-2011-1891
CVSS v3.1
N/A
EPSS
16.77%
Published
Sep 15, 2011
Modified
Apr 28, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a request to a script, aka "Contact Details Reflected XSS Vulnerability."
Weaknesses (CWE)
Affected Products (4)
References (6)
