CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-1442

A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1442
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1442

Products affected by CVE-2020-1442

Microsoft » Office Online Server » Version: N/A

cpe:2.3:a:microsoft:office_online_server:-
Microsoft » Office Web Apps » Version: 2013

cpe:2.3:a:microsoft:office_web_apps:2013

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-1442

Products

Pricing

Contact Us