PatchSiren cyber security CVE debrief
CVE-2026-45481 Microsoft CVE debrief
CVE-2026-45481 is a HIGH-severity vulnerability (CVSS Score: 7.3) affecting Microsoft Office SharePoint. The vulnerability is caused by improper neutralization of input during web page generation, allowing for cross-site scripting (XSS) attacks. An authorized attacker can exploit this vulnerability to perform spoofing over a network.
- Vendor
- Microsoft
- Product
- Office SharePoint
- CVSS
- HIGH 7.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Administrators and users of Microsoft Office SharePoint should be aware of this vulnerability and take necessary precautions to mitigate the risk.
Technical summary
The vulnerability is caused by improper neutralization of input during web page generation, allowing for cross-site scripting (XSS) attacks. This vulnerability has a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by Microsoft to vulnerable systems.
- Implement additional security measures, such as input validation and output encoding, to prevent XSS attacks.
- Monitor systems for suspicious activity and implement incident response plans in case of a potential attack.
Evidence notes
The vendor is identified as 'Unknown Vendor' with low confidence, and evidence suggests the product may be related to Microsoft.
Official resources
-
CVE-2026-45481 CVE record
CVE.org
-
CVE-2026-45481 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-45481 was published on 2026-06-09T17:17:22.417Z and modified on 2026-06-09T19:32:51.440Z.