4 matches found
CVE-2020-16951
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint...
CVE-2020-16951 Microsoft SharePoint Remote Code Execution Vulnerability
...
CVE-2020-16951
CVE-2020-16951 affects Microsoft SharePoint Server where the product fails to validate the source markup of an uploaded application package. The root cause is incorrect checking of source markup during package processing, enabling arbitrary code execution in the SharePoint application pool and fa...
SRC-2020-0024 : Microsoft SharePoint Server TOCTOU ControlParameter Binding Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the WebPartEditingSurfacePage class. The issue results from the lac...