Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971, CVE-2020-0974.

Remediation

References

CVE-2020-0920

Related Vulnerabilities

Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6943)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5295)

Joomla! Core 3.x.x Cross-Site Scripting (3.1.2 - 3.2.2)

WordPress Plugin wp Dreamwork Gallery 'upload.php' Arbitrary File Upload (2.1)

Oracle Database Server CVE-2006-3705 Vulnerability (CVE-2006-3705)

Severity

High

Classification

CVE-2020-0920 CWE-434 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities