PT-2015-2336 · Microsoft · Sharepoint Foundation 2013 Sp1+3

Published: 2015-10-13 · Updated: 2018-10-12 · CVE-2015-6039

CVSS v2.0: 3.5 (Low)

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Microsoft SharePoint Server 2013 SP1
Microsoft SharePoint Foundation 2013 SP1

Description

A security feature bypass issue exists due to inadequate protection of the web page structure, allowing remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance. This could enable an attacker to perform persistent cross-site scripting attacks, running script in the security context of the logged-on user with malicious content that appears authentic, potentially allowing the theft of sensitive information, including authentication cookies and recently submitted data. To exploit this issue, an attacker must have the ability to update the Marketplace instance.

Recommendations

For Microsoft SharePoint Server 2013 SP1, consider disabling the ability to update the Marketplace instance until a fix is available. For Microsoft SharePoint Foundation 2013 SP1, restrict access to the Office Marketplace to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers

BDU:2015-11701
CVE-2015-6039

Affected Products

Sharepoint Foundation 2013 Sp1
Sharepoint Server 2013 Sp1
Sharepoint Foundation
Sharepoint Server