The vulnerability could allow an attacker to run arbitrary script that could result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment.

http://www.securiteam.com/windowsntfocus/6W00E00K0E.html