CVE-2023-24955

Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely. Vendor/Product: Microsoft SharePoint Server. Added to CISA KEV 2024-03-26; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.