Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Published on December 1st, 2019

Summary

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted.

Credit:

The information has been provided by Vendor

The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1070

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Vulnerable Systems:

Microsoft SharePoint Server

CVE Information:

CVE-2019-1070

Disclosure Timeline:
Published Date:10/10/2019

Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Credit:

Details

News

Zoho ManageEngine OpManager before 12.4 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Vulnerability

News

MiniShare 1.4.1 Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

News

NETGEAR JNR1010 devices before 1.0.0.32 Cross-Site Request Forgery (CSRF) Vulnerability

Microsoft SharePoint Server Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Credit:

Details

Related Posts

News

Zoho ManageEngine OpManager before 12.4 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Vulnerability

News

MiniShare 1.4.1 Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

News

NETGEAR JNR1010 devices before 1.0.0.32 Cross-Site Request Forgery (CSRF) Vulnerability