Microsoft SharePoint DestinationFolder Cross-site Scripting (CVE-2019-1262)

A cross-site scripting vulnerability exists in Microsoft SharePoint server. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code on the affected system.

You can read the full article here.