CVE-2023-36891
Published: 08 August 2023
Summary
CVE-2023-36891 is a high-severity Cross-site Scripting (CWE-79) vulnerability in Microsoft SharePoint Server. Its CVSS base score is 8.0 (High).
Operationally, it is ranked at the 49.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
Deeper analysis
Microsoft SharePoint Server is affected by CVE-2023-36891, a spoofing vulnerability assigned CWE-79 that carries a CVSS 3.1 base score of 8.0. The flaw permits an attacker to present falsified content or identity information through the server. The network attack vector, low attack complexity, and low privileges required indicate that authenticated users can trigger the issue remotely.
An attacker who already possesses low-privileged access can exploit the vulnerability by crafting requests that require user interaction on the target side; successful exploitation can result in high impact to confidentiality, integrity, and availability of SharePoint content and sessions.
The Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36891 describes available security updates and configuration guidance for affected SharePoint Server versions.
EPSS for the CVE rose from a low baseline after disclosure to a peak of 0.0741 on 2025-01-22 before receding to the current value of 0.0026, indicating a period of increased exploitation interest well after the original publication date.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-40811
Vulnerability details
Microsoft SharePoint Server Spoofing Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Penetration testing submits XSS payloads to web applications, detecting cross-site scripting flaws for subsequent remediation.
Input validation on web requests rejects script-related content that could produce XSS.
Output validation against expected content can reject or sanitize script content in generated web pages, reducing XSS exploitability.