07/08/2025

ZDI-25-820: (0Day) Microsoft SharePoint IsAuthorizedType Deserialization of Untrusted Data Information Disclosure and Denial-of-Service Vulnerability

This vulnerability allows remote attackers to disclose sensitive information or create a denial-of-service condition on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1.

Comments are closed.

You may also like

ZDI-25-641: (0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-25-444: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability