Vulnerability in Microsoft Sharepoint Enterprise Server
CVE-2020-1103
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneou…
EPSS: 0.101 (93.2th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Sharepoint Enterprise Server — versions 2016
- Microsoft Sharepoint Foundation — versions 2013 Service Pack 1
- Microsoft Sharepoint Server — versions 2019
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1103 (x_refsource_MISC)