CVE-2026-45481
HighCVSS 7.3Exploitation Probability (EPSS)
Low risk20th percentile - higher than 20% of all known CVEs
Summary
Microsoft Office SharePoint has improper neutralization of input during web page generation, leading to a cross-site scripting (XSS) vulnerability. An authorized attacker can exploit this flaw to perform spoofing over a network.
Risk Assessment
This vulnerability may allow attackers to hijack user sessions or steal data, posing a significant security threat to the organization.
Recommendation
It is recommended to update Microsoft Office SharePoint to the latest version and implement appropriate security measures against XSS attacks.
Original NVD description (English source)
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

