4 matches found
CVE-2020-1440
CVE-2020-1440 describes a tampering vulnerability in Microsoft SharePoint Server where an authenticated attacker can modify a targeted user’s profile data by sending a specially crafted request. The root cause is SharePoint’s improper handling of profile data. The impact, as stated, is the abilit...
Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020
None None...
Description of the security update for SharePoint Server 2019: September 8, 2020
None None...
SRC-2020-0020 : Microsoft SharePoint Server ExchangeAutodiscover GetDataFromURL Blind Server-Side Request Forgery Tampering Vulnerability
Vulnerability Details: This vulnerability allows remote attackers escalate privileges under certain conditions. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetFreeBusyStatusForOneUser function inside of the AsynchronousWebPartService class. The...