Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-17	CVE-2020-1573	Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. local low complexity microsoft CWE-79	5.5
2018-12-12	CVE-2018-8580	Information Exposure vulnerability in Microsoft Sharepoint Designer and Sharepoint Enterprise Server An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint. network microsoft CWE-200	4.3