Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2020-1318

Published: 09/06/2020 Updated: 11/06/2020
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Sharepoint Enterprise Server

Vulnerability Summary

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297, CVE-2020-1298, CVE-2020-1320.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft sharepoint enterprise server 2013

microsoft sharepoint enterprise server 2016

microsoft sharepoint foundation 2010

microsoft sharepoint foundation 2013

microsoft sharepoint server 2019

Recent Articles

June's Patch Tuesday reveals 23 ways to remotely pwn Windows – and over 100 more bugs that could ruin your day
The Register • Shaun Nichols in San Francisco • 09 Jun 2020

Microsoft, Intel, Adobe, SAP emit fixes in security synchronicity

Patch Tuesday Microsoft has given IT admins and folks another busy Patch Tuesday with 129 security vulnerabilities to address. The Redmond giant has posted fixes for CVE-listed bugs in its latest monthly security update, including 23 that allow for remote code execution. The massive bundle is not entirely unexpected, as security experts have suggested that vendors are still catching up on their patching and reporting routines. Of the 129 patches this month, 11 were rated by Microsoft as critical...

Read more...

References

CWE-79https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1318https://nvd.nist.govhttps://www.theregister.co.uk/2020/06/09/june_2020_patch_tuesday/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook