Description

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-1032, CVE-2019-1033, CVE-2019-1036.

Remediation

References

CVE-2019-1031

Related Vulnerabilities

TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355)

WordPress Ultimate Member Plugin CVE-2020-36170 Vulnerability (CVE-2020-36170)

WordPress Plugin Newsletter-Send awesome emails from WordPress Open Redirect (3.7.0)

WordPress Plugin Quiz Maker Multiple SQL Injection Vulnerabilities (6.2.0.8)

osTicket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-0605)

Severity

Medium

Classification

CVE-2019-1031 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities