First published: Tue Apr 09 2019(Updated: )
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft SharePoint Enterprise Server 2016 | =2013-sp1 | |
Microsoft SharePoint Enterprise Server 2016 | =2016 | |
Microsoft SharePoint Foundation 2013 | =2010-sp2 | |
Microsoft SharePoint Server 2010 | =2010-sp2 | |
Microsoft SharePoint Server 2010 | =2019 | |
=2013-sp1 | ||
=2016 | ||
=2010-sp2 | ||
=2010-sp2 | ||
=2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-0831 has a severity rating of important according to Microsoft.
To mitigate CVE-2019-0831, ensure that you apply the latest security updates provided by Microsoft for the affected SharePoint products.
CVE-2019-0831 affects multiple versions of Microsoft SharePoint, including SharePoint Server 2010, 2013, 2016, and 2019.
CVE-2019-0831 is classified as a cross-site scripting (XSS) vulnerability.
Yes, an attacker can exploit CVE-2019-0831 remotely by sending specially crafted web requests to the affected SharePoint server.