Vulnerabilities > Microsoft > Sharepoint Foundation

DATE CVE VULNERABILITY TITLE RISK
2020-09-11 CVE-2020-1452 Download of Code Without Integrity Check vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.
network
low complexity
microsoft CWE-494
8.6
8.6
2020-09-11 CVE-2020-1345 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
7.4
7.4
2020-09-11 CVE-2020-1227 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
5.4
5.4
2020-09-11 CVE-2020-1210 Download of Code Without Integrity Check vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.
network
low complexity
microsoft CWE-494
critical
 9.9
9.9
2020-09-11 CVE-2020-1205 Unspecified vulnerability in Microsoft products
<p>A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft
4.6
4.6
2020-09-11 CVE-2020-1200 Download of Code Without Integrity Check vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.
network
low complexity
microsoft CWE-494
8.6
8.6
2020-09-11 CVE-2020-1198 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
7.4
7.4
2020-08-17 CVE-2020-1580 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
5.4
5.4
2020-08-17 CVE-2020-1573 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
local
low complexity
microsoft CWE-79
5.5
5.5
2020-08-17 CVE-2020-1505 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory.
local
low complexity
microsoft
5.5
5.5