Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
SharePoint Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2020-1103 - Vulnerability Database
SharePoint

SharePoint Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2020-1103

Medium
Reference: CVE-2020-1103
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-1103
Title: SharePoint Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a malicious web page the attacker can through standard browser functionality induce the browser to invoke search queries as the logged in user aka 39Microsoft SharePoint Information Disclosure Vulnerability39.