CVE-2021-31964

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Foundation (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified)

Description The issue is related to insufficient input validation in Microsoft SharePoint products, which can be exploited by a remote attacker to perform spoofing attacks using a specially crafted request to a vulnerable SharePoint server.

Recommendations For Microsoft SharePoint Server, consider restricting access to vulnerable components until a fix is available. For Microsoft SharePoint Foundation, restrict access to potentially vulnerable modules to minimize the risk of exploitation. For Microsoft SharePoint Enterprise Server, as a temporary workaround, consider disabling any features that may be related to the insufficient input validation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.