Vulnerability in Microsoft Project Server
CVE-2020-0954
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE I…
EPSS: 0.009 (76.4th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Project Server — versions 2013 Service Pack 1 (64-bit edition)
- Microsoft Sharepoint Enterprise Server — versions 2016
- Microsoft Sharepoint Server — versions 2019
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0954 (x_refsource_MISC)