CVE-2008-1888

Microsoft Windows SharePoint Services 2.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.

Exploits (1)

exploitdb WORKING POC VERIFIED
by OneIdBeagl3 · textremotewindows
https://www.exploit-db.com/exploits/31632

References (4)

Scores

EPSS 0.2496
EPSS Percentile 96.1%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

microsoft/sharepoint_server

Timeline

Published Apr 18, 2008
Tracked Since Feb 18, 2026