The host is installed with Microsoft SharePoint Foundation 2013 and is prone to a cross-site-scripting vulnerability. A flaw is present in the application, which does not properly sanitize a specially crafted web request. An attacker who successfully exploited these vulnerabilities could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user.