vulnerability

Microsoft SharePoint: CVE-2017-11820: Microsoft SharePoint Elevation of Privilege Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Oct 13, 2017	May 15, 2023	May 15, 2023

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Oct 13, 2017

Added

May 15, 2023

Modified

May 15, 2023

Description

Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability". This CVE ID is unique from CVE-2017-11775 and CVE-2017-11777.

Solution

microsoft-sharepoint-sharepoint_2016-kb4011217

References

BID-101097
CVE-2017-11820
https://attackerkb.com/topics/CVE-2017-11820
URL-https://support.microsoft.com/help/4011217

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today