Vulnerabilities > Microsoft > Project Server > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-11 CVE-2018-8284 Code Injection vulnerability in Microsoft products
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
network
high complexity
microsoft CWE-94
8.1
8.1
2018-03-14 CVE-2018-0944 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0916 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0915 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0914 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0913 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0912 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0911 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0910 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8
2018-03-14 CVE-2018-0909 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
network
low complexity
microsoft CWE-79
8.8
8.8