4 matches found
CVE-2025-64672
CVE-2025-64672 is a cross-site scripting issue in Microsoft Office SharePoint (and related SharePoint Server components) caused by improper neutralization of input during web page generation. An authorized attacker can spoof the user interface over a network, potentially compromising user experie...
CVE-2025-64672
creationtimestamp| type| source ---|---|--- 2025-12-09 17:29:16+00:00| seen| https://www.thezdi.com/blog/2025/12/9/the-december-2025-security-update-review 2025-12-09 17:40:33+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0384 2025-12-10 13:35:06+00:00| seen|...
Description of the security update for SharePoint Server Subscription Edition: December 9, 2025 (KB5002815)
None None...
Security Updates for Microsoft SharePoint Server Subscription Edition (December 2025)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerability: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another...