Impact
The vulnerability is an improper neutralization of input during web page generation in Microsoft SharePoint, classified as cross‑site scripting. An attacker with authorized access can submit content that is rendered on a page without adequate encoding, allowing the attacker to insert malicious or misleading content. The primary impact is that the page can be visually altered to imitate legitimate elements, resulting in spoofing of the SharePoint interface and deception of users.
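As an added illustration, not code from this advisory or from SharePoint itself, the following contrasts concatenating user-submitted content straight into generated markup with encoding it for the HTML context first. The render functions, the sample list item and the tag-count check are hypothetical names constructed for the example.

```javascript
// Added example (not SharePoint's own code): output encoding of user-supplied
// content before it is placed into a generated page (CWE-79 mitigation).
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };

// Encode a value for use in HTML body text or a double-quoted attribute.
function encodeForHtml(value) {
  return String(value).replace(/[&<>"']/g, ch => HTML_ESCAPES[ch]);
}

// "Before": the user-controlled title is interpolated without neutralization,
// so any markup it carries becomes part of the page structure.
function renderItemVulnerable(item) {
  return `<li class="ms-listitem" title="${item.title}">${item.title}</li>`;
}

// "After": every interpolation point goes through the encoder, so the title is
// shown as text and cannot add elements that imitate the real interface.
function renderItemSafe(item) {
  const t = encodeForHtml(item.title);
  return `<li class="ms-listitem" title="${t}">${t}</li>`;
}

// Hypothetical review check: count the tags in a rendered fragment. A template
// that should emit exactly one element pair must yield 2; more means injected markup.
function countTags(html) {
  return (html.match(/<[a-zA-Z\/][^>]*>/g) || []).length;
}

// Constructed sample: a title carrying markup that mimics a status banner.
const sampleItem = { title: '<b class="ms-alert">Your session expired</b>' };

if (typeof require !== 'undefined' && require.main === module) {
  console.log('vulnerable tags:', countTags(renderItemVulnerable(sampleItem)));
  console.log('safe tags:', countTags(renderItemSafe(sampleItem)));
}
```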
Affected Systems
Affected systems include Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, and Microsoft SharePoint Server Subscription Edition. The CVE entry does not specify a particular affected version, so all current releases of these products are considered vulnerable until a patch is installed.
Risk and Exploitability
The CVSS score of 4.6 indicates moderate risk, and the EPSS score is not available. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to be authenticated and able to submit input that is incorporated into a page. Because it is cross‑site scripting, the attack likely occurs within the context of a legitimate user session, making it less likely to be discovered by automated scanners. The overall risk is moderate, and prompt patching is recommended to eliminate the spoofing risk.
OpenCVE Enrichment