GHSA-pc2q-pf7r-rf2wHighCVSS 8.0

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft...

Published
June 9, 2026
Last Modified
June 9, 2026

🔗 CVE IDs covered (1)

📋 Description

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a network.

🔗 References (3)