Description

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Remediation

References

CVE-2026-26105

Related Vulnerabilities

WordPress Plugin WordPress Page Contact SQL Injection (1.0)

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2024-1635)

MySQL CVE-2020-2779 Vulnerability (CVE-2020-2779)

MySQL CVE-2012-1690 Vulnerability (CVE-2012-1690)

WordPress Plugin iThemes Security (formerly Better WP Security) SQL Injection (7.0.2)

Severity

Critical

Classification

CVE-2026-26105 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Tags

Missing Update Known Vulnerabilities