CNNVD-202507-1130 Information

Jul 08, 2025 cve

CNNVD ID

CNNVD-202507-1130

CVE-2025-49704

  • CNNVD Published: 2025-07-08

Description (Chinese)

Microsoft SharePoint是美国微软(Microsoft)公司的一套企业业务协作平台。该平台用于对业务信息进行整合,并能够共享工作、与他人协同工作、组织项目和工作组、搜索人员和信息。 Microsoft SharePoint存在代码注入漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Microsoft SharePoint Enterprise Server 2016,Microsoft SharePoint Server 2019。

Description (English)

Microsoft SharePoint is a corporate collaboration platform for Microsoft (MSC) in the United States. The platform is used to integrate operational information and to share work, work with others, organize projects and working groups, searchers and information. Microsoft SharePoint has a code plugged in. The attackers used the loophole to implement the code remotely. The following products and versions were affected: Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

微软

Published

2025-07-08

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704

Share on: