CVE Catalog

CVE-2026-45462

MediumCVSS 4.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.06%

19th percentile - higher than 19% of all known CVEs

Summary

Microsoft Office SharePoint has improper neutralization of input during web page generation, leading to a cross-site scripting (XSS) vulnerability. An authorized attacker can exploit this flaw to perform spoofing over a network.

Risk Assessment

This vulnerability could allow attackers to hijack user sessions or steal sensitive information, posing a significant security risk to the organization.

Recommendation

It is recommended to update Microsoft Office SharePoint to the latest version to patch this vulnerability and implement additional security measures such as input data filtering.

Original NVD description (English source)

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS