Vulnerability in Microsoft Office Online Server

CVE-2020-1442

A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'.

EPSS: 0.006 (70.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Office Online Server — versions unspecified
Microsoft Office Web Apps — versions 2013 Service Pack 1

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1442 (x_refsource_MISC)