Vulnerability in Microsoft Sharepoint
CVE-2018-8580
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint…
EPSS: 0.097 (93.1th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Sharepoint — versions Enterprise Server 2013 Service Pack 1, Enterprise Server 2016, Foundation 2010 Service Pack 2
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8580 (x_refsource_CONFIRM)
- 106096 (vdb-entry, x_refsource_BID)