Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that perform Outlook requests, as demonstrated by setting the auto-forward rule.
CPE | Name | Operator | Version |
---|---|---|---|
outlook_web_access | eq | 2007 sp1 | |
outlook_web_access | eq | 2007 | |
outlook_web_access | eq | 2007 sp2 |