PT-2026-48658

Improper neutralization of special elements used in an expression language statement 'expression language injection' vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Apinizer allows Code Injection. This issue affects Apinizer: from 2026.04.0 before 2026.04.6...

CVE-2026-45501

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-45481

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

CVE-2026-42835

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Teams for Android allows an authorized attacker to disclose information over a network...

CVE-2026-25089

A improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may...

CVE-2026-49069

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...

EUVD-2026-35511

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

CVE-2026-47638

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

CVE-2026-45479

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

CVE-2026-45468

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

CVE-2026-45465

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

CVE-2026-42835

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Teams for Android allows an authorized attacker to disclose information over a network...

CVE-2026-41098

Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...

CVE-2026-45465

CVE-2026-45465 : The vulnerability affects Microsoft Office SharePoint Server and is due to improper neutralization of input during web page generation, resulting in a cross-site scripting (XSS) issue. An authorized attacker can perform network-based spoofing. According to the provided descriptio...

CVE-2026-45462

The CVE-2026-45462 entry describes an XSS vulnerability in Microsoft Office SharePoint where improper neutralization of input during web page generation can enable spoofing over a network. According to the connected records, impact is limited to spoofing with Confidentiality/Integrity/Availabilit...

CVE-2026-47639

CVE-2026-47639 affects Microsoft Office SharePoint Server. The description identifies an Improper neutralization of input during web page generation (XSS) that enables an authorized attacker to perform spoofing over a network. Connected sources corroborate an XSS payload risk in SharePoint, leadi...

CVE-2026-45500

CVE-2026-45500: A cross-site scripting issue in Microsoft Exchange Server arises from improper neutralization of input during web page generation. This vulnerability could enable an unauthorized attacker to perform spoofing over the network. Documents identify Microsoft Exchange Server as affecte...

CVE-2026-45479

The CVE-2026-45479 entries describe an XSS vulnerability in Microsoft Office SharePoint where improper neutralization of input during web page generation can enable an authorized attacker to perform spoofing over the network. Affected product is SharePoint/SharePoint Server; the root cause is lac...

CVE-2026-45468

CVE-2026-45468 involves an improper neutralization of input during web page generation (XSS) in Microsoft Office SharePoint / SharePoint Server . An authorized attacker can perform spoofing over a network by targeting affected SharePoint web pages. The CVSS 3.1 base score is 4.6 (Medium); attack ...

Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...