Description

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Remediation

References

CVE-2025-49704

Related Vulnerabilities

WordPress 3.7.3 Multiple Vulnerabilities (3.7 - 3.7.3)

WordPress Plugin Parcel Tracker eCourier Cross-Site Request Forgery (1.0.1)

WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.2)

WordPress Plugin AutomatorWP-The most flexible and powerful no-code automation for WordPress Cross-Site Request Forgery (2.5.0)

WordPress Plugin Import and export users and customers Multiple Vulnerabilities (1.14.0.2)

Severity

High

Classification

CVE-2025-49704 CWE-94 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities