Description

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.

Remediation

References

CVE-2018-8580

Related Vulnerabilities

WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-7226)

WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)

OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2014-0224)

WordPress Plugin GD Rating System Unspecified Vulnerability (2.6)

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28709)

Severity

Medium

Classification

CVE-2018-8580 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities