PT-2023-2311 · Microsoft · Sharepoint Server+1

Chudypb

Published

2023-04-11

Updated

2025-01-01

CVE-2023-28288

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified)

Description The issue is related to insufficient validation of requests on the server side, which can be exploited by a remote attacker using a specially crafted HTTP request to affect the integrity of protected information. This can allow attackers to impact the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

BDU:2023-02075

CVE-2023-28288

ZDI-23-382

Affected Products

Sharepoint Server

Sharepoint Foundation

PT-2023-2311 · Microsoft · Sharepoint Server+1

CVE-2023-28288

Weakness Enumeration

Related Identifiers

Affected Products

References · 9