Vulnerabilities > Microsoft > Sharepoint Foundation > 2010

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-1320 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
network
microsoft CWE-79
3.5
3.5
2020-06-09 CVE-2020-1318 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
network
microsoft CWE-79
3.5
3.5
2020-06-09 CVE-2020-1298 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
network
microsoft CWE-79
3.5
3.5
2020-06-09 CVE-2020-1297 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
network
microsoft CWE-79
3.5
3.5
2020-06-09 CVE-2020-1289 Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation 2010
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.
network
microsoft CWE-79
3.5
3.5
2020-06-09 CVE-2020-1181 Improper Input Validation vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-20
6.5
6.5
2020-04-15 CVE-2020-0975 Improper Input Validation vulnerability in Microsoft products
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.
network
microsoft CWE-20
3.5
3.5
2020-04-15 CVE-2020-0972 Improper Input Validation vulnerability in Microsoft products
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.
network
microsoft CWE-20
3.5
3.5
2020-04-15 CVE-2020-0971 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
8.8
8.8
2020-04-15 CVE-2020-0929 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
6.5
6.5