CVE-2020-1456

Description

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka Microsoft Office SharePoint XSS Vulnerability. This CVE ID is unique from CVE-2020-1450, CVE-2020-1451.

Risk Information

Base Score

5.4

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS Score

Exploitation Probability

0.766

Associated Vulnerability

Vulnerability	OS Platform
.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability for 2010 Microsoft Business Productivity Servers (KB4484460)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-29282	Security Update for 2010 Microsoft Business Productivity Servers (KB4484460)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234