Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296.

Remediation

References

CVE-2019-1257

Related Vulnerabilities

phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-19969)

WordPress Plugin Salon Booking System Arbitrary File Upload (10.2)

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0060)

WordPress Plugin Organizer Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (1.2.1)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7846)

Severity

High

Classification

CVE-2019-1257 CWE-20 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities