A newly disclosed remote code execution (RCE) vulnerability in Microsoft SharePoint has been identified, affecting the deserialization process of WebPart properties.

The vulnerability enables attackers to execute arbitrary code through carefully crafted XML payloads embedded within SharePoint Web Parts, potentially compromising entire SharePoint environments.