CVE-2023-24955CISA KEVEPSS p99.7%

CVE-2023-24955Microsoft SharePoint Server Code Injection Vulnerability

Microsoft / SharePoint Server

Description

Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.

Scoring

EPSS85.39% probability of exploitation · percentile 99.7% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2024-03-26

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft SharePoint Server Code Injection Vulnerabilitykev-cve-2023-249550%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-29794
CVE
Microsoft SharePoint Code Injection Vulnerability
CVE
CVE-2026-20947
CVE
CVE-2026-47298
CVE
Microsoft SharePoint Server Privilege Escalation Vulnerability
CVE
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.