CVE-2026-45468
MediumCVSS 4.6Exploitation Probability (EPSS)
Low risk19th percentile - higher than 19% of all known CVEs
Summary
Microsoft Office SharePoint has an improper neutralization of input during web page generation, leading to a cross-site scripting vulnerability. An authorized attacker can exploit this flaw to perform spoofing over a network.
Risk Assessment
The organization may be exposed to attacks that could lead to data theft or system integrity breaches. An attacker could impersonate others on the network.
Recommendation
It is recommended to update Microsoft Office SharePoint to the latest version to patch this vulnerability. A web application security audit should also be conducted.
Original NVD description (English source)
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

