CVE-2019-1328

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Enterprise Server and Microsoft SharePoint Foundation (affected versions not specified)

Description The issue is related to the failure to protect the web page structure, allowing a remote attacker to perform a cross-site scripting attack by sending specially crafted requests. This could enable the attacker to read unauthorized content, use the victim's identity to take actions on the SharePoint site, change permissions, delete content, and inject malicious content into the user's browser.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.