CVE-2018-0799

Name of the Vulnerable Software and Affected Versions: Microsoft Access in Microsoft SharePoint Enterprise Server versions prior to the fixed version

Description: A cross-site-scripting (XSS) issue exists due to improper sanitization of inputs to image fields edited within Design view. This could allow an attacker to run javascript in the security context of the current user, potentially enabling them to read unauthorized content, use the victim's identity to take actions on a remote site, and inject malicious content into the user's browser.

Recommendations: For Microsoft Access in Microsoft SharePoint Enterprise Server, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.