Microsoft issues an out-of-band update to address SharePoint flaw, tracked as CVE-2019-1491, that could be exploited to obtain sensitive information.
Microsoft issues an out-of-band update to fix an information disclosure vulnerability in SharePoint server, tracked as CVE-2019-1491, that could be exploited by an attacker to obtain sensitive information.
“An information disclosure vulnerability exists in SharePoint Server. An attacker who exploited this vulnerability could read arbitrary files on the server,” reads the advisory published by Microsoft. “To exploit the vulnerability, an attacker would need to send a specially crafted request to a susceptible SharePoint Server instance.”