CVE CVE-2020-1456 Mappings

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450, CVE-2020-1451.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-1456 Microsoft SharePoint Enterprise Server primary_impact T1059 Command and Scripting Interpreter
CVE-2020-1456 Microsoft SharePoint Enterprise Server secondary_impact T1005 Data from Local System
CVE-2020-1456 Microsoft SharePoint Enterprise Server secondary_impact T1565 Data Manipulation
CVE-2020-1456 Microsoft SharePoint Enterprise Server secondary_impact T1485 Data Destruction
CVE-2020-1456 Microsoft SharePoint Enterprise Server secondary_impact T1478 Install Insecure or Malicious Configuration
CVE-2020-1456 Microsoft SharePoint Enterprise Server secondary_impact T1036 Masquerading