Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web Apps 2013, allows remote attackers to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerabilities."
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-100