Ensure custom script execution is restricted on site collections
Why This Matters
Custom scripts in SharePoint run in the context of the visiting user, giving them access to everything that user can see across Microsoft 365 services, including through Microsoft Graph. Without restriction, malicious or poorly written scripts can expose sensitive data, and administrators lose the ability to audit what code runs, where it runs, and who deployed it. Allowing custom script also prevents the organization from enforcing governance, scoping code capabilities, or blocking malicious code entirely.
What Aether365 Checks
Aether365 verifies that both "Prevent users from running custom script on personal sites" and "Prevent users from running custom script on self-service created sites" are enabled in the SharePoint admin center. This check appears in your Aether365 dashboard under the Microsoft 365 compliance checks.
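
A per-site view of the same restriction, as an added example that is not Aether365's own code and does not read the two admin center settings themselves. It assumes the SharePoint Online Management Shell, where a site's DenyAddAndCustomizePages property reads Enabled when custom script is blocked; the function name, sample rows and admin URL placeholder are constructed for illustration.

```powershell
# Added example: list site collections where custom script is still allowed.
# Assumes input objects shaped like Get-SPOSite output
# (Url, Template, DenyAddAndCustomizePages).
function Get-CustomScriptExposure {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Site
    )
    process {
        # Cast to string so the module's enum and plain strings compare the same way.
        $state = "$($Site.DenyAddAndCustomizePages)"

        # Anything other than Enabled (Disabled, Unknown) means script is not blocked.
        if ($state -ne 'Enabled') {
            [pscustomobject]@{
                Url   = $Site.Url
                # SPSPERS* is the template family used by personal (OneDrive) sites.
                Scope = if ($Site.Template -like 'SPSPERS*') { 'Personal site' } else { 'Site collection' }
                DenyAddAndCustomizePages = $state
            }
        }
    }
}

# Constructed sample rows (not real tenant data) so the function runs offline.
$sample = @(
    [pscustomobject]@{ Url = 'https://contoso.sharepoint.com/sites/hr';       Template = 'GROUP#0';       DenyAddAndCustomizePages = 'Enabled'  }
    [pscustomobject]@{ Url = 'https://contoso.sharepoint.com/sites/intranet'; Template = 'STS#0';         DenyAddAndCustomizePages = 'Disabled' }
    [pscustomobject]@{ Url = 'https://contoso-my.sharepoint.com/personal/a_contoso_com'; Template = 'SPSPERS#10'; DenyAddAndCustomizePages = 'Disabled' }
    [pscustomobject]@{ Url = 'https://contoso.sharepoint.com/sites/legacy';   Template = 'STS#0';         DenyAddAndCustomizePages = 'Unknown'  }
)

# Expect three rows: intranet, the personal site, and legacy.
$sample | Get-CustomScriptExposure | Format-Table -AutoSize

# Against a live tenant (admin URL is a placeholder):
# Connect-SPOService -Url 'https://<tenant>-admin.sharepoint.com'
# Get-SPOSite -Limit All -IncludePersonalSite $true | Get-CustomScriptExposure
```

Sites the function returns are the ones to review; an empty result means every enumerated site blocks custom script.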