vulnerability

Microsoft CVE-2020-16944: Microsoft SharePoint Reflective XSS Vulnerability

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Oct 13, 2020

Added

Oct 13, 2020

Modified

Jan 3, 2024

Description

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint Reflective XSS Vulnerability'.

Solution

msft-kb4486694-7b657f8f-a343-430d-b338-aa5468a81e7a

References

CVE-2020-16944
https://attackerkb.com/topics/CVE-2020-16944
MSKB-4486676
MSKB-4486677
MSKB-4486694

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report