CVE-2020-0694: 
vulnerability analysis and mitigation

A cross-site-scripting (XSS) vulnerability was identified in Microsoft SharePoint Server, tracked as CVE-2020-0694. The vulnerability was disclosed on February 11, 2020, affecting SharePoint Enterprise Server 2016. The issue exists when the server fails to properly sanitize specially crafted web requests to affected SharePoint servers (Microsoft Support).

The vulnerability is related to improper sanitization of web requests in SharePoint Server. To address this security concern, Microsoft released security update 4484255 for the 64-bit version of SharePoint Enterprise Server 2016. This update replaces the previously released security update 4484143 (Microsoft Support).

The vulnerability could allow an attacker to perform cross-site-scripting attacks if they successfully exploit the improper request sanitization in SharePoint Server (Microsoft Support).

Microsoft has released security update 4484255 for SharePoint Enterprise Server 2016 to address this vulnerability. The update can be obtained through multiple channels including Microsoft Update, Microsoft Update Catalog, and Microsoft Download Center. Users must have the release version of Microsoft SharePoint Enterprise Server 2016 installed to apply this security update (Microsoft Support).