Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296.

Remediation

References

CVE-2019-1257

Related Vulnerabilities

WordPress Plugin Lana Email Logger Cross-Site Scripting (1.0.2)

Drupal Core 7.x Security Bypass (7.0 - 7.55)

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0441)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2133)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35413)

Severity

High

Classification

CVE-2019-1257 CWE-20 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities