Endpoint Vulnerability

Microsoft Access Tampering Vulnerability

Description

A cross-site-scripting (XSS) vulnerability exists when Microsoft Access does not properly sanitize inputs to image fields edited within Design view. An attacker could exploit the vulnerability by sending a specially crafted file to a victim, or by hosting the file on a web server.

Affected Products

Microsoft SharePoint Enterprise Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016

References

CVE-2018-0799,