cpe:/a:microsoft:sharepoint_designer:2010:sp2 cpe:/a:microsoft:sharepoint_enterprise_server:2013:sp1 cpe:/a:microsoft:sharepoint_enterprise_server:2016 CVE-2018-8580 2018-12-11T19:29:00.513-05:00 2019-01-08T12:13:44.163-05:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2019-01-02T10:30:39.767-05:00 BID 106096 CONFIRM https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8580 An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.