CVE Catalog
CVE-2026-23652
CriticalSummary
Microsoft Power Pages has a command injection vulnerability due to improper neutralization of special elements. This allows an unauthorized attacker to execute code over a network.
Risk Assessment
An attacker could exploit this vulnerability to execute code remotely, potentially leading to serious security breaches within the organization.
Recommendation
It is recommended to update Microsoft Power Pages to the latest version to mitigate this vulnerability and implement additional security measures.
Original NVD description (English source)
Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network.

