Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0932)

Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0971, CVE-2020-0974.

Remediation

References

Related Vulnerabilities

Oracle Application Server CVE-2009-1008 Vulnerability (CVE-2009-1008)

Contao Improper Input Validation Vulnerability (CVE-2020-25768)

WordPress Plugin ZooEffect for Video player Photo Gallery Slideshow jQuery and audio/music/podcast-HTML Cross-Site Scripting (1.01)

Microsoft SQL Server CVE-2023-36420 Vulnerability (CVE-2023-36420)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Privilege Escalation (2.1.11)

Severity

High

Classification

CVE-2020-0932 CWE-434 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities