Vulnerability Name: Microsoft Office SharePoint XSS Vulnerability CVE ID: CVE-2020-1099 Release Date: May 12, 2020 Severity: Security Vulnerability Description: A cross-site scripting (XSS) vulnerability exists in Microsoft SharePoint Server when it improperly sanitizes crafted web requests, potentially allowing attackers to exploit SharePoint servers. Potential Impact: Successful exploitation can enable reading unauthorized content, impersonation for actions, altering permissions, deleting, or injecting malicious content. Mitigation: The security update ensures proper sanitization of web requests by SharePoint Server. Exploitability Assessment: - Publicly disclosed: No - Exploited: No - Likelihood of exploitation: Less Likely Acknowledgements: Mentioned contributor, Huỳnh Phúc Hưng.