Lucene search

K
cvelistMicrosoftCVELIST:CVE-2019-1261
HistorySep 11, 2019 - 9:24 p.m.

CVE-2019-1261

2019-09-1121:24:59
microsoft
www.cve.org

8.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka β€˜Microsoft SharePoint Spoofing Vulnerability’. This CVE ID is unique from CVE-2019-1259.

CNA Affected

[
  {
    "product": "Microsoft SharePoint Foundation",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2013 Service Pack 1"
      }
    ]
  },
  {
    "product": "Microsoft SharePoint Enterprise Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2016"
      }
    ]
  },
  {
    "product": "Microsoft SharePoint Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2019"
      }
    ]
  }
]

8.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%