Lucene search
AnonymousZDI-20-648HistoryMay 12, 2020 - 12:00 a.m.
Microsoft SharePoint Shared Forms Incomplete Blacklist Remote Code Execution Vulnerability
2020-05-1200:00:00
Anonymous
www.zerodayinitiative.com
17
0.017 Low
EPSS
Percentile
88.0%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of shared forms. It is possible to invoke a shared form in a way that allows arbitrary controls to be instantiated. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process.
Related
mscve
mscve
Microsoft SharePoint Remote Code Execution Vulnerability
2020-05-12 07:00:00
prion
prion
Remote code execution
2020-05-21 23:15:00
Remote code execution
2020-05-21 23:15:00
Remote code execution
2020-05-21 23:15:00
cvelist
cvelist
nvd
nvd
cve
cve
qualysblog
qualysblog
githubexploit
githubexploit
Exploit for Cross-site Scripting in Jquery
2020-04-14 19:12:01
mskb
mskb
nessus
nessus
Security Updates for Microsoft SharePoint Server (May 2020)
2020-05-12 00:00:00
kaspersky
kaspersky
KLA11774 Multiple vulnerabilities in Microsoft Office
2020-05-12 00:00:00
threatpost
threatpost
Microsoft Addresses 111 Bugs for May Patch Tuesday
2020-05-12 20:14:28
