Cross-Site Scripting Vulnerability in Windows Admin Center by Microsoft
CVE-2026-58643

6.1MEDIUM

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
16 July 2026

What is CVE-2026-58643?

A vulnerability in Windows Admin Center allows attackers to exploit improper input neutralization during web page generation, enabling cross-site scripting (XSS). This flaw permits unauthorized users to execute scripts that can manipulate interactions between users and the affected web application, potentially leading to spoofing attacks across the network. Immediate attention to patching is necessary to mitigate these security concerns.

Affected Version(s)

Windows Admin Center 1809.0 < 2511

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.