{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T19:24:05.960","vulnerabilities":[{"cve":{"id":"CVE-2020-1442","sourceIdentifier":"secure@microsoft.com","published":"2020-07-14T23:15:19.463","lastModified":"2024-11-21T05:10:33.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'."},{"lang":"es","value":"Se presenta una vulnerabilidad de suplantación de identidad cuando un servidor de Office Web Apps no sanea apropiadamente una petición especialmente diseñada, también se conoce como 'Vulnerabilidad XSS de Office Web Apps'"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*","matchCriteriaId":"B3C3FC9A-D8E5-493A-A575-C831A9A28815"}]}]}],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1442","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1442","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}