Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

Remediation

References

CVE-2025-30384

Related Vulnerabilities

Python Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-1000802)

WordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (4.2997)

SharePoint CVE-2021-26418 Vulnerability (CVE-2021-26418)

SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1443)

WordPress Plugin WP Quick FrontEnd Editor Multiple Vulnerabilities (5.5)

Severity

High

Classification

CVE-2025-30384 CWE-502 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities