Description

SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web requests are handled, aka "Microsoft SharePoint Information Disclosure Vulnerability".

Remediation

References

CVE-2018-0864

Related Vulnerabilities

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3383)

WordPress Plugin FD Feedburner Cross-Site Request Forgery (1.42)

MediaWiki Improper Access Control Vulnerability (CVE-2015-8001)

WordPress Plugin Flexible Captcha Multiple Vulnerabilities (3.3)

WordPress Plugin Simple Sticky Footer Cross-Site Request Forgery (1.3.2)

Severity

Medium

Classification

CVE-2018-0864 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities