Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability
Published on December 1st, 2019
Summary
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted.
Credit:
The information has been provided by Vendor
The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1070
Details
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Vulnerable Systems:
Microsoft SharePoint Server
CVE Information:
Disclosure Timeline:
Published Date:10/10/2019