Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0974.

Remediation

References

CVE-2020-0971

Related Vulnerabilities

WordPress Plugin FileBird-WordPress Media Library Folders & File Manager SQL Injection (4.7.3)

WordPress Plugin iQ Block Country Cross-Site Scripting (1.1.19)

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9276)

WordPress Plugin Easy Custom Auto Excerpt Cross-Site Scripting (2.4.6)

Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-15012)

Severity

High

Classification

CVE-2020-0971 CWE-434 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities