You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 64672
About this tag
CVE-2025-64672 is a high-severity SharePoint Server spoofing vulnerability affecting on-premises deployments. Classified as a presentation-layer input neutralization problem (CWE-79 / XSS-style), the flaw can be used to impersonate system UI or responses, enabling follow-on attacks. Microsoft's Security Update Guide lists this as a SharePoint spoofing issue that administrators should treat with urgency. The public trackers show a high severity rating, meaning the vulnerability can be exploited to compromise the integrity of SharePoint communications. Administrators are advised to apply the relevant security patch promptly to mitigate the risk of spoofing attacks against their on-premises SharePoint environments.
Microsoft’s Security Update Guide lists CVE-2025-64672 as a SharePoint Server spoofing vulnerability that administrators must treat with urgency: the advisory classifies the issue as a presentation-layer input neutralization problem (CWE‑79 / XSS-style) and the public trackers show a high...