2927 matches found
Microsoft Exchange Server 服务端请求伪造漏洞
Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...
Microsoft Exchange Server 跨站脚本漏洞
Microsoft Exchange Server is a set of email service programs provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. Microsoft Exchange Server has a cross-site scripting vulnerability. Attackers utilize thi...
Microsoft Exchange Server 跨站脚本漏洞
Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...
Microsoft Exchange Server 授权问题漏洞
Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are vulnerabilities related to authorization in Microsoft Exchange Server. Attackers can...
Microsoft Exchange Server 服务端请求伪造漏洞
Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...
Microsoft Exchange Server 跨站脚本漏洞
Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. Microsoft Exchange Server has a cross-site scripting vulnerability. Attackers exploit this...
PT-2026-47975
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server affected versions not specified Description An improper authorization issue leads to Server-side Request Forgery SSRF, a flaw where a server is tricked into making unintended requests to an internal or external...
PT-2026-47709
CVE-2024-56122 - Microsoft Exchange Server Remote Code Execution CVE ID :CVE-2024-56122 Published : June 8, 2026, 10:16 a.m. | 44 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details...
Security Updates for Microsoft Exchange Server (May 2026)
The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by a vulnerability as referenced in the May, 2026 security bulletin. - Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Serve...
CVE-2026-42897
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-42897link is external Microsoft Exchange Server Cross-Site Scripting Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...
Lack of vulnerability awareness in Microsoft Exchange Server
Microsoft has identified a vulnerability in Microsoft Exchange Server. This vulnerability involves a cross-site scripting XSS issue that arises due to improper handling of user input during the generation of web pages. An unauthorized attacker can inject malicious scripts and perform spoofing...
Microsoft Exchange Server Cross-Site Scripting Vulnerability
Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context...
CVE-2026-42897
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability
...
EUVD-2026-30343
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42897
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability
...
CVE-2026-42897
CVE-2026-42897 affects on-prem Microsoft Exchange Server (2016, 2019, SE) with an XSS flaw in Outlook Web Access caused by improper neutralization of input during web page generation. An attacker could send a crafted email to trigger arbitrary JavaScript execution in the victim’s browser, enablin...
Microsoft Exchange Server Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...