SharePoint RCE via specially crafted SharePoint application package — exploited by APT groups for initial access to corporate intranets. Apply February 2019 patches and restrict SharePoint package deployment to admin accounts only.
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →