#microsoft

Windows Nearby Sharing Elevation of Privilege Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Microsoft is excited to announce the addition of Power Platform to the newly rebranded Dynamics 365 and Power Platform Bounty Program. Through this expanded program, we encourage researchers to discover and report high impact security vulnerabilities they may find in the new Power Platform scope to help protect customers. We offer awards up to $20,000 USD for eligible submissions.

*What is the attack vector for this vulnerability?* In a network-based attack, an authenticated attacker can gain access to create a site and could execute code remotely within the SharePoint Server.

*Is the Preview Pane an attack vector for this vulnerability?* Yes, the Preview Pane is an attack vector.

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*What kind of information can be disclosed?* An attacker can gain access to an organizational's email, sites, filename, url of file...

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.