VDB
CVE-2020-1456
CVE-2020-1456
PUBLISHED
CVSS 3.5 LOW
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450, CVE-2020-1451.
EPSS 0.94% · 76.6th percentile
Risk Scores
CVSS 2.0
3.5
EPSS Score
0.94%
76.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft SharePoint Server | *, 2019 |
| microsoft | sharepoint_enterprise_server | 2013, 2016 |
| microsoft | sharepoint_server | 2010, 2019 |
| Microsoft | Microsoft SharePoint Enterprise Server | 2013 Service Pack 1, 2016 |
Exploit Intelligence
Timeline
- Jul 14, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1456 url
- https://slashcrypto.org/2021/01/15/CVE-2020-1456/ url
- https://it-sec.de/ger/Aktuelles-Termine/it.sec-blog/it.sec-Research-Team-findet-unbekannte-Schwachstelle-in-Microsoft-Office-SharePoint url
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-1456 advisory
- https://slashcrypto.org/2021/01/15/CVE-2020-1456 url