Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted.

Credit:

The information has been provided by Vendor

The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1070


Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Vulnerable Systems:

Microsoft SharePoint Server 

CVE Information:

CVE-2019-1070

Disclosure Timeline:
Published Date:10/10/2019

Categories: News