Microsoft Microsoft Power Pages
3 CVEs affecting Microsoft Microsoft Power Pages. Latest disclosed: 2026-05-22. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-23652 | Critical | 10.0 | 2026-05-22 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code ov… |
CVE-2025-47733 | Critical | 9.1 | 2025-05-08 | Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network |
CVE-2025-24989 | High | 8.2 | 2025-02-19 | An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user reg… |