Description

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.

Remediation

References

CVE-2020-1439

Related Vulnerabilities

WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)

Squid Integer Overflow or Wraparound Vulnerability (CVE-2021-31807)

Caddy Web Server Improper Authentication Vulnerability (CVE-2018-21246)

WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress CSV Injection (1.6.3)

OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-6307)

Severity

High

Classification

CVE-2020-1439 CWE-502 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities