Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-21987: Microsoft SharePoint Server Spoofing Vulnerability

According to the CVSS, User Interaction is Required. What interaction would the user have to do?

Exploitation of the vulnerability requires that a target be lured to and make use of a specially crafted functionality on a SharePoint page created by the attacker.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to use the intended functionality.

Microsoft Security Response Center
#vulnerability#web#microsoft#Microsoft Office SharePoint#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability