Описание
Microsoft SharePoint Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.
To take advantage of the vulnerability, an attacker would require access to the specific SharePoint page affected by this vulnerability.
The security update addresses the vulnerability by correcting how scripts are referenced on some SharePoint pages.
FAQ
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Personally Identifiable Information (PII).
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft SharePoint Enterprise Server 2013 Service Pack 1 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
Связанные уязвимости
An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.
An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.
Уязвимость пакета программ Microsoft SharePoint Enterprise Server, связанная с ошибками разграничения доступа, позволяющая нарушителю раскрыть защищаемую информацию
EPSS