CVE-2006-0015

Name of the Vulnerable Software and Affected Versions: Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services (affected versions not specified)

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to the execution of arbitrary programs or the creation of new accounts. This is achieved via the operation, command, and name parameters in the vti bin/ vti adm/fpadmdll.dll component.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.