Description

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.

Remediation

References

CVE-2020-1439

Related Vulnerabilities

Oracle Application Server Other Vulnerability (CVE-2005-3451)

Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4194)

WordPress Plugin Yoast SEO Cross-Site Scripting (2.0.1)

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-0449)

Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17569)

Severity

High

Classification

CVE-2020-1439 CWE-502 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities