Citrix Session Recording Security Bulletin for CVE-2023-6184

A vulnerability has been discovered in Citrix Session Recording, which, if exploited, may result in an authenticated user being able to perform an RCE. Affected Versions: The following supported versions of Citrix Session Recording are affected by the vulnerability: Current Release CR Citrix...

Webcam redirection in double hop is not working

Webcam is not working anymore in a double hop scenario. If the first hop VDA is 1912CU3 webcam redirects fine. However if first hop VDA is CVAD 1912 CU8 VDA then webcam redirection fails. With https://webcamtests.com/ when clicking on "Test my cam" an error is seen. "Your webcam is being used or...

Microsoft Exchange Server 授权问题漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voice mail, email filtering and screening, and other features. An authorization issue vulnerability exists in Microsoft Exchange Server. The...

Microsoft Exchange 2019 - Unauthenticated Email Download Exploit

Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Metasploit Exploit Author: RAMELLA Sébastien Vendor Homepage: https://microsoft.com Version: This vulnerability affects Exchange 2013 Versions 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q This module scan for...

Microsoft Lync Server Security Vulnerability

Microsoft Lync Server formerly known as Microsoft Office Communicator is a set of enterprise integrated communication platform from Microsoft. The platform is capable of integrating different communication methods into a single platform across PCs, the Web, and other mobile devices such as cell...

Citrix Systems StoreFront Server XML External Entity Injection Vulnerability

Citrix Systems StoreFront Server is an enterprise application store from Citrix Systems USA. The product focuses on providing users with an interface to remotely access XenDesktop and XenApp virtual desktops and applications. An XML external entity injection vulnerability exists in Citrix Systems...

CVE-2018-0941

CVE-2018-0941 describes an information disclosure in Microsoft Exchange Server 2016 when using Cumulative Updates 7 and 8, caused by how data is imported. Affected product: Exchange Server 2016 CU7/CU8. The issue is a vulnerability in the data import process that leads to exposure of sensitive in...

CVE-2015-2543

Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability."...

CVE-2015-2543

CVE-2015-2543 is an XSS vulnerability in Outlook Web Access (OWA) of Microsoft Exchange Server 2013 Cumulative Update 8 and 9. The issue allows remote attackers to inject arbitrary web script or HTML via a crafted e‑mail message. Affected product details are Exchange Server 2013 CU8/CU9 (OWA); ro...