The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2010-09-17T17:46:00
Updated: 2018-10-12T19:57:01
Reserved: 2010-09-14T00:00:00
Link: CVE-2010-3324
JSON object: View
NVD Information
Status : Modified
Published: 2010-09-17T18:00:03.290
Modified: 2021-07-23T15:12:30.843
Link: CVE-2010-3324
JSON object: View
Redhat Information
No data.
CWE