Microsoft patched CVE-2026-55019 on July 14, 2026, closing a SharePoint Server cross-site scripting flaw that could let an authenticated attacker spoof content shown to another user. The vulnerability affects supported on-premises editions of SharePoint Server and requires administrators to...