Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sharepoint_enterprise_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 242 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-06-12 | CVE-2019-1031 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The... | Project_server, Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server | 5.4 | ||
| 2019-06-12 | CVE-2019-1032 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The... | Sharepoint_enterprise_server, Sharepoint_server | 5.4 | ||
| 2019-06-12 | CVE-2019-1034 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user. To exploit the vulnerability, a user must open a specially crafted file with an affected... | Office, Office_365_proplus, Office_online_server, Office_web_apps, Sharepoint_enterprise_server, Sharepoint_server, Word | 7.8 | ||
| 2019-06-12 | CVE-2019-1033 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The... | Project_server, Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server | 5.4 | ||
| 2019-06-12 | CVE-2019-1036 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The... | Project_server, Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server | 5.4 | ||
| 2023-05-09 | CVE-2023-24955 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Sharepoint_enterprise_server, Sharepoint_server | 7.2 | ||
| 2018-11-14 | CVE-2018-8568 | An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8572. | Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server | 5.4 | ||
| 2018-12-12 | CVE-2018-8650 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. | Sharepoint_enterprise_server | 5.4 | ||
| 2019-04-09 | CVE-2019-0830 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0831. | Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server | 5.4 | ||
| 2019-04-09 | CVE-2019-0831 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830. | Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server | 5.4 |