CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-0923
https://notcve.org/view.php?id=CVE-2018-0923
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0944 and CVE-2018-0947. Microsoft SharePoint Enterprise Server 2016 permite una vulnerabilidad de elevación de privilegios debido a la forma en la que se sanean las peticiones web especialmente manipuladas. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability". • http://www.securityfocus.com/bid/103308 http://www.securitytracker.com/id/1040513 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0923 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0869
https://notcve.org/view.php?id=CVE-2018-0869
SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". SharePoint Server 2016 permite una vulnerabilidad de elevación de privilegios debido a la forma en la que se gestionan las peticiones web. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability". • http://www.securityfocus.com/bid/102963 http://www.securitytracker.com/id/1040376 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0869 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-0790
https://notcve.org/view.php?id=CVE-2018-0790
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0789. Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 y Microsoft SharePoint Server 2016 permiten una vulnerabilidad de elevación de privilegios debido a la forma en la que se gestionan las peticiones web. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability". Este CVE es diferente de CVE-2018-0789. • http://www.securityfocus.com/bid/102391 http://www.securitytracker.com/id/1040150 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0790 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0799
https://notcve.org/view.php?id=CVE-2018-0799
Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016 allows a cross-site-scripting (XSS) vulnerability due to the way image field values are handled, aka "Microsoft Access Tampering Vulnerability". Microsoft Access en Microsoft SharePoint Enterprise Server 2013 y Microsoft SharePoint Enterprise Server 2016 permiten una vulnerabilidad de Cross-Site Scripting (XSS) debido a la forma en la que se gestionan los valores de campo de imagen. Esto también se conoce como "Microsoft Access Tampering Vulnerability". • http://www.securityfocus.com/bid/102411 http://www.securitytracker.com/id/1040157 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0799 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2018-0789
https://notcve.org/view.php?id=CVE-2018-0789
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0790. Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 y Microsoft SharePoint Server 2016 permiten una vulnerabilidad de elevación de privilegios debido a la forma en la que se gestionan las peticiones web. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability". Este CVE es diferente de CVE-2018-0790. • http://www.securityfocus.com/bid/102394 http://www.securitytracker.com/id/1040150 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0789 •