Trending CVEs for the Week of May 13th, 2019
- May 16, 2019
- Michelangelo Sidagni
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’. An attacker could exploit the flaw by uploading a specially crafted SharePoint application package to affected versions of the software.
Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected versions of SharePoint. The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.
Users should update their systems as soon as possible. Patch can be found on the Microsoft Security Advisory.