Vulnerability in Microsoft Sharepoint Enterprise Server
CVE-2020-1177
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE I…
EPSS: 0.010 (77.1th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Sharepoint Enterprise Server — versions 2016
- Microsoft Sharepoint Foundation — versions 2013 Service Pack 1
- Microsoft Sharepoint Server — versions 2019
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1177 (x_refsource_MISC)