According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities :
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | sharepoint_server | * | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:* |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1023
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1024
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1107
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1023
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1024
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1069
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1099
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1100
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1101
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1102
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1103
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1104
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1105
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1106
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1107