Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe

Filtered by product Account

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2026-21264	1 Microsoft	1 Account	2026-02-03	N/A	9.3 CRITICAL
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-21396	1 Microsoft	1 Account	2025-02-12	N/A	8.2 HIGH
Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network.