CVE-2020-1181

Description

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka Microsoft SharePoint Server Remote Code Execution Vulnerability.

Risk Information

Base Score

8.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

50.74

Associated Vulnerability

Vulnerability	OS Platform
Microsoft Office SharePoint XSS Vulnerability for Microsoft SharePoint Foundation 2010 (KB4484391)	Windows
Microsoft Office SharePoint XSS Vulnerability for Microsoft SharePoint Foundation 2013 (KB4484409)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-29115	Security Update for Microsoft SharePoint Foundation 2013 (KB4484409)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234