Microsoft · Windows Server 2008 R2 · CVE-2011-1263
**Name of the Vulnerable Software and Affected Versions**
Microsoft Windows Server 2008 R2 and R2 SP1
**Description**
A cross-site scripting (XSS) issue exists in the logon page of Remote Desktop Web Access (RD Web Access), allowing remote attackers to inject arbitrary web script or HTML via the URI.
**Recommendations**
For Microsoft Windows Server 2008 R2 and R2 SP1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.