Impact
An SQL injection flaw exists in Microsoft SharePoint Server. The flaw lies in the improper neutralization of special elements used in an SQL command, allowing malicious statements to be executed against the database. Because the injection occurs in code that is executed by the SharePoint engine, a successful exploit can result in arbitrary code execution on the server. The vulnerability is identified as CWE-89 and is only reachable by an authenticated user who can access the SharePoint instance.
Affected Systems
Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, and Microsoft SharePoint Server Subscription Edition are affected. No specific build or patch levels are listed in the advisory, so any installation of these products that has not applied the latest security update is at risk. The affected components are the SharePoint web services that construct SQL commands from user-supplied input.
Risk and Exploitability
The CVSS score of 8.8 indicates high severity. The EPSS score of 18% suggests a moderate likelihood of exploitation in the wild, and the vulnerability is not yet listed in the CISA KEV catalog. The attack would be carried out over the network against a SharePoint instance to which the attacker already has authenticated access. Based on the description, the attacker needs legitimate credentials or permissions to trigger the injection; once it is triggered, arbitrary code execution, data exfiltration, or denial of service could follow, compromising the confidentiality, integrity, and availability of the SharePoint server.