The host is installed with Microsoft SharePoint Server 2010 and SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present due to improper handling of URL containing malicious JavaScript elements. Successful exploitation could allow attackers to issue SharePoint commands in the context of the authenticated user on the targeted SharePoint site.