Cross-Site Scripting (CVE-2005-0543; CVE-2014-4075; CVE-2014-4116; CVE-2014-6325; CVE-2014-6365; CVE-2015-1636; CVE-2015-1640; CVE-2015-1757)

...

CVE-2014-6325

Cross-site scripting XSS vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6326...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2014-6325...

CVE-2014-6325

Technical details for CVE-2014-6325 are not publicly available in the provided documents. Monitor for updates.

KLA10611 Multiple vulnerabilities in Microsoft Exchange Server

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or spoof user interface. Below is a complete list of vulnerabilities 1. An improper tokens validation can be exploited remotely via an unspecified...

MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)

The version of Microsoft Exchange installed on the remote host is affected by multiple vulnerabilities : - A token spoofing vulnerability exists due to Microsoft Outlook Web App OWA not properly validating request tokens. A remote attacker can exploit this vulnerability by convincing a user to...