PT-2020-4384 · Microsoft · SharePoint Server +1

Published: 2020-10-13 · Updated: 2023-12-31 · CVE-2020-16941

CVSS v3.1: 4.1 (Medium)

Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Microsoft SharePoint Server (affected versions not specified)
Microsoft SharePoint Foundation (affected versions not specified)
Microsoft SharePoint Enterprise Server (affected versions not specified)
Description: The issue is related to errors in handling objects in memory and improper disclosure of the folder structure when rendering specific web pages. This could allow an attacker to gain unauthorized access to protected information or view the folder path of scripts loaded on the page. To exploit this, an attacker would need access to the specific SharePoint page affected by this vulnerability.
Recommendations:
For Microsoft SharePoint Server, update the software to correct how scripts are referenced on some SharePoint pages.
For Microsoft SharePoint Foundation, update the software to correct how scripts are referenced on some SharePoint pages.
For Microsoft SharePoint Enterprise Server, update the software to correct how scripts are referenced on some SharePoint pages.
As a temporary workaround, consider restricting access to the specific SharePoint pages affected by this vulnerability until a patch is available.

Fix

Out of bounds Read

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2020-04897
BDU:2020-05451
CVE-2020-16941

Affected Products

SharePoint Server
SharePoint Foundation