Description
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allow remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mario Heiderich · html · remote · windows
https://www.exploit-db.com/exploits/34478
References (7)
Core References
Exploit x_refsource_misc
http://www.wooyun.org/bug.php?action=view&id=189
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071
Exploit mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0179.html
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7297
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-072
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-285A.html
Vendor Advisory x_refsource_confirm
http://support.avaya.com/css/P8/documents/100113324
Scores
EPSS
0.2644
EPSS Percentile
96.3%
Details
CWE
CWE-79
Status
published
Products (6)
microsoft/groove_server
2010
microsoft/internet_explorer
8
microsoft/sharepoint_foundation
2010
microsoft/sharepoint_server
2007 sp2
microsoft/sharepoint_services
3.0 sp2
microsoft/web_apps
Published
Sep 17, 2010
Tracked Since
Feb 18, 2026