3 matches found
CVE-2020-1097 Windows Graphics Component Information Disclosure Vulnerability
...
CVE-2020-1097
CVE-2020-1097 describes an information-disclosure vulnerability in the Windows GDI component where memory contents could be exposed due to improper handling of objects in memory. An attacker could exploit this by convincing a user to open a specially crafted document or visit a malicious webpage,...
Cross site scripting
A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1106...