CVE-2020-0893

2020-03-1215:48:55

microsoft

www.cve.org

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.5%

JSON

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique from CVE-2020-0894.

CNA Affected

[
  {
    "product": "Microsoft SharePoint Enterprise Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2016"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1"
      }
    ]
  },
  {
    "product": "Microsoft SharePoint Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2019"
      }
    ]
  }
]