OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: XSS in Microsoft SharePoint

From: Solarius (ville.solariusgmail.com)
Date: Sun May 13 2007 - 06:42:53 CDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jim Harrison wrote:
> Tried and failed.
> Exactly how have you configured your test SP site?

I think it is in newest SharePointServer but I haven't investigated yet
how wide the problem is.
But I have tried it to couple SP(server?) installations in the Internet,
and it seems to work on all new versions (2007, that is).

Microsoft Security Response Team is currently investigating the issue,
they should be able to tell more.
(they should have better lab than I have;))

Btw, sorry about delayed response, i have been too busy.

- --
Regards,
Solarius - http://www.solarius.name
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGRvm9jnBbTfuxhusRAkGoAKC9wQgcehS8NOhlNg9Hoxc1FUAXSgCfUBdl
zJ0HWvYmeG0tXzJ02Eo2mIw=
=oPjl
-----END PGP SIGNATURE-----