Lucene search
MicrosoftCVELIST:CVE-2017-11876HistoryNov 14, 2017 - 12:00 a.m.
CVE-2017-11876
2017-11-1400:00:00
microsoft
www.cve.org
Microsoft Project Server and Microsoft SharePoint Enterprise Server 2016 allow an attacker to use cross-site forgery to read content that they are not authorized to read, use the victim’s identity to take actions on the web application on behalf of the victim, such as change permissions and delete content, and inject malicious content in the browser of the victim, aka “Microsoft Project Server Elevation of Privilege Vulnerability”.
CNA Affected
[
{
"product": "Microsoft Server",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Microsoft Project Server 2013, Microsoft SharePoint Enterprise Server 2016"
}
]
}
]Related
mskb
mskb
cve
cve
CVE-2017-11876
2017-11-15 03:29:01
openvas
openvas
mscve
mscve
Microsoft Project Server Elevation of Privilege Vulnerability
2017-11-14 08:00:00
nvd
nvd
CVE-2017-11876
2017-11-15 03:29:01
nessus
nessus
symantec
symantec
Microsoft Office CVE-2017-11876 Cross Site Request Forgery Vulnerability
2017-11-14 00:00:00
prion
prion
Privilege escalation
2017-11-15 03:29:00
kaspersky
kaspersky
KLA11139 Multiple vulnerabilities in Microsoft Office
2017-11-14 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - November 2017
2017-11-14 11:54:00
trendmicroblog
trendmicroblog