Main Vulnerability Database Exploits ID:2923 - Exploit for Spoofing attack in Microsoft SharePoint Server - CVE-2020-0976

ID:2923 - Exploit for Spoofing attack in Microsoft SharePoint Server - CVE-2020-0976

Published: June 3, 2020

Vulnerability identifier: #VU26829

Vulnerability risk: Medium

CVE-ID: CVE-2020-0976

CWE-ID: CWE-451

Exploitation vector: Remote access

Vulnerable software:
Microsoft SharePoint Server

Link to public exploit:

https://github.com/T13nn3s/CVE-2020-0796

Vulnerability description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to the Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. A remote authenticated attacker can send a specially crafted request and spoof page content.

Remediation

Install updates from vendor's website.

ID:2923 - Exploit for Spoofing attack in Microsoft SharePoint Server - CVE-2020-0976

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human