CVE-2020-0647

Medium

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office…

microsoft·CWE-346·Published 2020-01-14

CVSS

5.4

EPSS

0.01

KEV

Exploits

cve.orgen

171 chars

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'.

NVDen

171 chars

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'.

NVDes

231 chars

Se presenta una vulnerabilidad de suplantación de identidad cuando Office Online no comprueba correctamente el origen en las comunicaciones de origen cruzado, también se conoce como "Microsoft Office Online Spoofing Vulnerability".

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
3.1	Primary	NVD	5.4	2.8	2.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N