CVE-2021-42309: Microsoft SharePoint Server Remote Code Execution Vulnerability

What privileges are required to exploit this vulnerability?

The attacker must be authenticated to the target site, with the permission to use Manage Lists within SharePoint.