Microsoft SharePoint CVE-2019-1260 Elevation of Privilege Vulnerability

description-logoDescription

An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to an affected server, thereby allowing the impersonation of another SharePoint user. The security update addresses the vulnerability by correcting how Microsoft SharePoint sanitizes user input.

affected-products-logoAffected Applications

Microsoft SharePoint Server 2019
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2010 Service Pack 2

CVE References

CVE-2019-1260