CVE-2018-8580

Summary

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft SharePointEnterprise Server 2013 Service Pack 1affected
MicrosoftMicrosoft SharePointEnterprise Server 2016affected
MicrosoftMicrosoft SharePointFoundation 2010 Service Pack 2affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References