Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Published on December 1st, 2019

Summary

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted.

Credit:

The information has been provided by Vendor

The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1070

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Vulnerable Systems:

Microsoft SharePoint Server

CVE Information:

CVE-2019-1070

Disclosure Timeline:
Published Date:10/10/2019

Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Credit:

Details

Featured News

HP Access Control versions prior to 16.7 Improper Privilege Management Vulnerability

Featured News

Google Chrome prior to 79.0.3945.88 Use After Free Vulnerability

News

IBM Jazz Reporting Service (JRS) 6.0.6.1 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Vulnerability

Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Credit:

Details

Related Posts

Featured News

HP Access Control versions prior to 16.7 Improper Privilege Management Vulnerability

Featured News

Google Chrome prior to 79.0.3945.88 Use After Free Vulnerability

News

IBM Jazz Reporting Service (JRS) 6.0.6.1 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Vulnerability