writeups.xyz / SSD Advisory – Microsoft SharePoint Server WizardConnectToDataStep4 Deserialization Of Untrusted Data RCE

Submitter : c2a

Date: 19 July 2022

Bounty : undisclosed

Vulnerabilities :

• Insecure Deserialization
• RCE

Programs :

• Microsoft

Authors :

• Alex Birnberg (@Alexbirnberg)

Link :
https://ssd-disclosure.com/ssd-advisory-microsoft-sharepoint-server-wizardconnecttodatastep4-deserialization-of-untrusted-data-rce/