Intrusion PreventionMS.SharePoint.Server.AggregationCustomize.Stored.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting Vulnerability in Microsoft SharePoint Foundation.
This vulnerability is due to improper validation of web requests. A remote, authenticated attacker can exploit this vulnerability by sending maliciously crafted requests to a vulnerable SharePoint server. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary JavaScript code under the security context of target users.
Affected Products
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Impact
System Compromise: Remote attackers can execute arbitrary script code in the context of the affected application.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1070
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-31 | 16.989 | Name:MS. SharePoint. Server. Stored. XSS:MS. SharePoint. Server. AggregationCustomize. Stored. XSS |
| 2020-12-29 | 16.987 | Name:MS. SharePoint. Stored. XSS:MS. SharePoint. Server. Stored. XSS |
| 2020-12-23 | 16.985 | Name:MS. Office. SharePoint. Stored. XSS:MS. SharePoint. Stored. XSS |
| 2020-05-05 | 15.835 | Default_action:pass:drop |
| 2020-01-29 | 15.767 | |
| 2020-01-20 | 15.761 |
| ID | 48676 |
| Created | Jan 21, 2020 |
| Updated | Dec 30, 2020 |
| Risk |
|
| CVE ID | CVE-2019-1070 |
| Exploit Prediction Score | 0.07% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | MS_Office |