CVE-2020-1205

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.

Weakness: Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Published: 2020-09-11

Researcher Credit

• Huynh Phuoc Hung

Vulnerable Products

• Sharepoint Enterprise Server
• Sharepoint Foundation
• Sharepoint Server

Community Advisory

This section is open source, for any additional information that enhances or clarifies the official advisory above.

Improve Advisory

CVE-2020-1205 Exploits

Exploits for CVE-2020-1205 are not publicly available.

Access our inventory of exclusive N-Day CVE Exploits, provided for legal security research and testing purposes. Inquire about our offerings by email: [email protected] (PGP key).

Official CVE References

View references (1)

• msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1205