Description

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.

Remediation

References

CVE-2020-1439

Related Vulnerabilities

PHP Out-of-bounds Read Vulnerability (CVE-2019-11041)

WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.2.2)

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting Vulnerabilities (1.4.56)

WordPress Plugin WordPress Infinite Scroll-Ajax Load More Arbitrary File Upload (2.8.1.1)

Joomla! Core 3.x.x Arbitrary File Upload (3.0.0 - 3.1.4)

Severity

High

Classification

CVE-2020-1439 CWE-502 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities