module
SharePoint Workflows XOML Injection
| Disclosed |
|---|
| 2020-03-02 |
Disclosed
2020-03-02
Description
This module exploits a vulnerability within SharePoint and its .NET backend
that allows an attacker to execute commands using specially crafted XOML data
sent to SharePoint via the Workflows functionality.
that allows an attacker to execute commands using specially crafted XOML data
sent to SharePoint via the Workflows functionality.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.