Description

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

Remediation

References

CVE-2020-1147

Related Vulnerabilities

WordPress Plugin WP-Live Chat by 3CX Cross-Site Request Forgery (8.0.37)

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-25763)

Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2018-11325)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11199)

WebLogic CVE-2023-21841 Vulnerability (CVE-2023-21841)

Severity

High

Classification

CVE-2020-1147 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities