Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971.

Remediation

References

CVE-2020-0974

Related Vulnerabilities

WordPress Plugin Asgaros Forum Cross-Site Scripting (1.0.7)

XOOPS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-6884)

WordPress Plugin WP-PostRatings '[ratings]' Shortcode SQL Injection (1.61)

WordPress Plugin Brizy-Page Builder Arbitrary File Upload (2.4.44)

WordPress Plugin Very Simple Quiz Cross-Site Scripting (1.0.0)

Severity

High

Classification

CVE-2020-0974 CWE-434 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities