Forum Discussion
Found Stored Cross Site Scripting (XSS) vulnerability in SharePoint 2013
Hi @all, having penetrated our local SP 2013 farm we now have to deal with a Stored Cross Site Scripting Vulnerability which was found by the pentesters. What they did: Creating a new task e...
Option 1, but that said, I can't reproduce your scenario. I created a Task list, entered "<script>alert(document.cookie);</script>" as the task item name, saved it and nothing was produced when viewing the Task list or the individual item.
At the moment I wait for the exact Code String from our pentester to reporduce the attack. I'll post it here and would kindly ask you to try it again.
Thans in advance.