CVE-2025-24989

⚠ KEVEPSS 31.6%

Microsoft Power Pages Improper Access Control Vulnerability

Added to CISA KEV: 2/21/2025

Description

Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.

Affected packages (0)

No package mapping in OSV.