Microsoft Project Server CVE-2017-11876 Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists in Microsoft Project when Microsoft Project Server does not properly manage user sessions. For this Cross-site Request Forgery(CSRF/XSRF) vulnerability to be exploited, the victim must be authenticated to (logged on) the target site.
Affected Applications
Microsoft Project Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016