CVE-2019-1261
published 2019-09-11CVE-2019-1261: A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1259.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_sharepoint_enterprise_server | — | — |
| microsoft | microsoft_sharepoint_foundation | — | — |
| microsoft | microsoft_sharepoint_server | — | — |
| microsoft | sharepoint_enterprise_server | — | — |
| microsoft | sharepoint_foundation | — | — |
| microsoft | sharepoint_server | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2016 | — | — |
| msrc | microsoft_sharepoint_foundation_2013_service_pack_1 | — | — |
| msrc | microsoft_sharepoint_server_2019 | — | — |