CVE-2018-0921

HIGH Year: 2018
CVSS v3 Score
8.8
High
CVSS v2 Score
6.5
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.

Related Vulnerabilities

CVE-2007-4040

HIGH
CVSS:8.8(High)

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbit...

CWE-792007

CVE-2013-4225

HIGH
CVSS:8.8(High)

The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote aut...

CWE-792013

CVE-2013-6364

HIGH
CVSS:8.8(High)

Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book

CWE-792013

CVE-2017-12343

HIGH
CVSS:8.8(High)

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a maliciou...

CWE-792017

CVE-2017-7666

HIGH
CVSS:8.8(High)

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

CWE-792017

CVE-2017-8332

HIGH
CVSS:8.8(High)

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to p...

CWE-792017