A server-side include in Microsoft SharePoint via CreateChildControls in DataFormWebPart class allows an authenticated user to leak the web.config file and forge a malicious ViewState with the extracted validation key.
The user credentials requires user with page creation privileges, a standard permission.
The user credentials requires user with page creation privileges, a standard permission.
CVE Link
Exploit Platform
Exploit Type
Product Name