← back
CVE-2019-0558

CVE-2019-0558

CVSS 5.4 MEDIUMEPSS 2.0%CWE-79
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS 2.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
08 Jan 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Microsoft Business Productivity Servers. This CVE ID is unique from CVE-2019-0556, CVE-2019-0557.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N