CVE-2020-1200

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server (affected versions not specified)

Description: A remote code execution issue exists in Microsoft SharePoint due to the software's failure to properly check the source markup of an application package. This could allow a remote attacker to execute arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation requires a user to upload a specially crafted SharePoint application package to an affected version of SharePoint.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.