CVE List

CVE-2020-1106

Moderate 6.1

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1101.

Published May 22, 2020.

Affected software

Microsoft Sharepoint Server

Microsoft Sharepoint Foundation

Microsoft Sharepoint Enterprise Server

Reference links

Sign Up for Alerts