CVE-2020-1106 - Microsoft Sharepoint Server, Microsoft Sharepoint Foundation and Microsoft Sharepoint Enterprise Server

Moderate 6.1

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1101.

Affected software

Microsoft Sharepoint Server

Microsoft Sharepoint Foundation

Microsoft Sharepoint Enterprise Server

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.