CVE-2025-49701 – Microsoft Office SharePoint Cross-Site Scripting (XSS)

July 9, 2025

CVE ID : CVE-2025-49701

Published : July 8, 2025, 5:15 p.m. | 13 hours, 9 minutes ago

Description : Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49704 – Microsoft Office SharePoint Remote Code Execution Vulnerability

Next Article CVE-2025-49697 – Microsoft Office Heap Buffer Overflow Vulnerability

Highlights

CVE-2025-46718 – “sudo-rs Sudo Privilege Listing Vulnerability”

May 12, 2025

CVE ID : CVE-2025-46718

Published : May 12, 2025, 3:16 p.m. | 1 hour, 18 minutes ago

Description : sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the `-U` flag. This vulnerability allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users’ permissions. Attackers can collect information that can be used to more targeted attacks. Systems where users either do not have sudo privileges or have the ability to run all commands as root through sudo (the default configuration on most systems) are not affected by this advisory. Version 0.2.6 fixes the vulnerability.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

I found the ultimate MacBook Air alternative for Windows users – and it’s priced well

Outdated IT help desks are holding businesses back – but there is a solution

Android’s latest update can force apps into dark mode – how to see it now

I tried the Google Pixel Watch 4 – and these key features made it feel indispensable

Building Cross-Platform Alerts with Laravel’s Notification Framework

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

How to install OpenPlatform — IoT platform

Basics of Digital Forensics

Basics of Digital Forensics

Top Linux Server Automation Tools: Simplifying System Administration

Rising from the Ashes: How AlmaLinux and Rocky Linux Redefined the Post-CentOS Landscape

CVE-2025-49701 – Microsoft Office SharePoint Cross-Site Scripting (XSS)

“What happens online stays online” and other cyberbullying myths, debunked

The need for speed: Why organizations are turning to rapid, trustworthy MDR

AI and its impact on the developer experience, or ‘where is the joy?’

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

Ubuntu Unity vs. GNOME: Choosing the Right Ubuntu Experience for Your Workflow

Better defaults for your Laravel applications with Essentials

CVE-2025-46718 – “sudo-rs Sudo Privilege Listing Vulnerability”

Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now!

CVE-2025-49825 – Teleport Remote Authentication Bypass Vulnerability

Our favorite mobile controller is at the lowest price it’s ever been — “Well and truly the best at what it does”

CVE-2025-49701 – Microsoft Office SharePoint Cross-Site Scripting (XSS)

Related Posts