CVE-2018-0923

Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0944 and CVE-2018-0947.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*

History

21 Nov 2024, 03:39

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/103308 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/103308 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1040513 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1040513 - Third Party Advisory, VDB Entry
References () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0923 - Patch, Vendor Advisory () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0923 - Patch, Vendor Advisory

Information

Published : 2018-03-14 17:29

Updated : 2024-11-21 03:39


NVD link : CVE-2018-0923

Mitre link : CVE-2018-0923

CVE.ORG link : CVE-2018-0923


JSON object : View

Products Affected

microsoft

  • sharepoint_enterprise_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')