Vulnerabilities > Microsoft > Sharepoint Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-10-16 CVE-2020-16942 Unspecified vulnerability in Microsoft products
<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages.
local
high complexity
microsoft
4.1
2020-10-16 CVE-2020-16941 Unspecified vulnerability in Microsoft products
<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages.
local
high complexity
microsoft
4.1
2020-09-11 CVE-2020-1514 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
5.4
2020-09-11 CVE-2020-1482 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
6.3
2020-09-11 CVE-2020-1440 Unspecified vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server
<p>A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data.
network
low complexity
microsoft
6.3
2020-09-11 CVE-2020-1227 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
5.4
2020-09-11 CVE-2020-1205 Unspecified vulnerability in Microsoft products
<p>A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft
4.6
2020-08-17 CVE-2020-1580 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
5.4
2020-08-17 CVE-2020-1573 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
local
low complexity
microsoft CWE-79
5.5
2020-08-17 CVE-2020-1505 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory.
local
low complexity
microsoft
5.5