CVE-2018-0912

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:project_server:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-14 17:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-0912

Mitre link : CVE-2018-0912

CVE.ORG link : CVE-2018-0912


JSON object : View

Products Affected

microsoft

  • project_server
  • sharepoint_enterprise_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')