IT company Microsoft seems to be needing its team of IT engineers use IT Support because of the fact that there might be an IT security flaw in older versions of its SharePoint Server IT product. The bug was reported by an independent IT security researcher who said that the problem is that the bug can easily expose sensitive data and user authentication credentials. The vulnerability was found in SharePoint Server 2007. An advisory from High-Tech Bridge states that "The vulnerability exists due to failure in the '/_layouts/help.aspx' script to properly sanitize user-supplied input in 'cid0' variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data." Even though High-Tech Bridge told Microsoft about the vulnerability on April 12, they made public the report only on Thursday. XSS bugs are the most common form of vulnerability that goes around on the Internet.
