Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Severity
Medium
Analysis summary
CVE-2019-1033, CVE-2019-1036, CVE-2019-1031
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
Impact
Cross Site Scripting
Affected Vendors
Microsoft
Affected Products
Microsoft SharePoint Foundation 2013
Remediation
Apply update.
Microsoft SharePoint Foundation 2013 Service Pack 1 (KB4464602):
https://www.microsoft.com/downloads/details.aspx?familyid=b4cf0fb9-bfc6-4c8c-9696-c14b96091839
Microsoft SharePoint Foundation 2013 Service Pack 1 (KB4464597):
https://www.microsoft.com/downloads/details.aspx?familyid=9b445eb9-105f-4403-98c7-105f95fb45be