Exploit for #VU27737 Cross-site request forgery in Microsoft SharePoint Server

Cybersecurity Help s.r.o.

Published: 2020-11-11 | Updated: 2020-11-14

Vulnerability identifier: #VU27737

Vulnerability risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2020-1103

CWE-ID: CWE-352

Exploitation vector: Network

Exploits in database: 2

November 14, 2020
- Microsoft SharePoint Server TOCTOU ControlParameter Binding Remote Code Execution Vulnerability [Source Incite]
November 11, 2020
- Microsoft SharePoint Server TOCTOU ControlParameter Binding Information Disclosure Vulnerability [Source Incite]

Vulnerable software:
Microsoft SharePoint Server
Server applications / Application servers

Vendor: Microsoft