Lucene search

K
cvelistMicrosoftCVELIST:CVE-2020-0954
HistoryApr 15, 2020 - 3:13 p.m.

CVE-2020-0954

2020-04-1515:13:01
microsoft
www.cve.org
8

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

29.7%

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0973, CVE-2020-0978.

CNA Affected

[
  {
    "product": "Microsoft SharePoint Enterprise Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2016"
      }
    ]
  },
  {
    "product": "Microsoft SharePoint Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2019"
      }
    ]
  },
  {
    "product": "Microsoft Project Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (64-bit edition)"
      }
    ]
  }
]

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

29.7%