CVE-2023-36897
CVE-2023-36897 is a spoofing vulnerability in the Visual Studio Tools for Office (VSTO) Runtime. It can allow impersonation of another user and is tied to Office/VSTO deployments. Evidence from multiple sources (MSRC/KB5029497, Nessus plugin, NCSC advisory) indicates the issue affects VSTO runtim...