Lucene search
PRIOn knowledge basePRION:CVE-2020-1103HistoryMay 21, 2020 - 11:15 p.m.
Information disclosure
2020-05-2123:15:00
PRIOn knowledge base
www.prio-n.com
2
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a malicious web page, the attacker can, through standard browser functionality, induce the browser to invoke search queries as the logged in user, aka ‘Microsoft SharePoint Information Disclosure Vulnerability’.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sharepoint_enterprise_server | eq | 2016 | |
| sharepoint_foundation | eq | 2013 sp1 | |
| sharepoint_server | eq | 2019 |
Related
mscve
mscve
Microsoft SharePoint Information Disclosure Vulnerability
2020-05-12 07:00:00
cvelist
cvelist
CVE-2020-1103
2020-05-21 22:53:08
nvd
nvd
CVE-2020-1103
2020-05-21 23:15:14
cve
cve
CVE-2020-1103
2020-05-21 23:15:14
srcincite
srcincite
mskb
mskb
kaspersky
kaspersky
KLA11774 Multiple vulnerabilities in Microsoft Office
2020-05-12 00:00:00
nessus
nessus
Security Updates for Microsoft SharePoint Server (May 2020)
2020-05-12 00:00:00
