CVE-2021-31950

HIGH

Microsoft SharePoint Server - Server-Side Request Forgery

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-31950. PoCs published by Alex Birnberg.

AI-analyzed exploit summary This exploit leverages an SSRF vulnerability in Microsoft SharePoint Server by crafting a malicious SOAP request to the 'GetXmlDataFromDataSource' endpoint, allowing an attacker to make arbitrary HTTP requests from the server. The PoC supports custom headers, POST data, and authentication via NTLM.

Description

Microsoft SharePoint Server Spoofing Vulnerability

Exploits (1)

exploitdb WORKING POC
by Alex Birnberg · pythonwebappswindows
https://www.exploit-db.com/exploits/49982

This exploit leverages an SSRF vulnerability in Microsoft SharePoint Server by crafting a malicious SOAP request to the 'GetXmlDataFromDataSource' endpoint, allowing an attacker to make arbitrary HTTP requests from the server. The PoC supports custom headers, POST data, and authentication via NTLM.

Classification
Working Poc 95%
Attack Type
Ssrf
Complexity
Moderate
Reliability
Reliable
Target: Microsoft SharePoint Server 16.0.10372.20060
Auth required
Prerequisites: Valid SharePoint credentials · Network access to the SharePoint server · Target URL for SSRF
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.6
EPSS 0.0456
EPSS Percentile 90.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Details

CWE
CWE-918
Status published
Products (3)
microsoft/sharepoint_foundation 2013 sp1
microsoft/sharepoint_server 2016
microsoft/sharepoint_server 2019
Published Jun 08, 2021
Tracked Since Feb 18, 2026