Description

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.

Remediation

References

CVE-2020-1439

Related Vulnerabilities

WordPress Plugin Cart66 Pro Arbitrary File Disclosure (1.5.3)

WordPress Plugin Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3)

Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3)

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.6)

WordPress Plugin Count per Day Multiple Vulnerabilities (3.5.6)

Severity

High

Classification

CVE-2020-1439 CWE-502 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities