Description

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.

Remediation

References

CVE-2018-8580

Related Vulnerabilities

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8005)

WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP PHP Object Injection (4.67.8)

WordPress Plugin WP Helper Premium Cross-Site Scripting (4.2)

WordPress Plugin Allow PHP in Posts and Pages 'id' Parameter SQL Injection (2.0.0.RC1)

WordPress Plugin GD bbPress Attachments Multiple Vulnerabilities (2.2)

Severity

Medium

Classification

CVE-2018-8580 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities