Description

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296.

Remediation

References

CVE-2019-1295

Related Vulnerabilities

CakePHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4399)

Rukovoditel Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-48175)

WordPress Plugin Contact Form Builder-a plugin for creating contact and feedback forms Multiple SQL Injection Vulnerabilities (1.0.24)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1835)

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-21967)

Severity

High

Classification

CVE-2019-1295 CWE-20 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities