CVE-2019-0558
published 2019-01-08CVE-2019-0558: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Microsoft Business Productivity Servers. This CVE ID is unique from CVE-2019-0556, CVE-2019-0557.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | business_productivity_servers | — | — |
| microsoft | microsoft_business_productivity_servers | — | — |
| microsoft | microsoft_sharepoint | — | — |
| microsoft | microsoft_sharepoint | — | — |
| microsoft | microsoft_sharepoint_server | — | — |
| microsoft | sharepoint_server | — | — |
| microsoft | sharepoint_server | — | — |
| microsoft | sharepoint_server | — | — |
| msrc | microsoft_business_productivity_servers_2010_service_pack_2 | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2013_service_pack_1 | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2016 | — | — |
| msrc | microsoft_sharepoint_server_2019 | — | — |