3 matches found
CVE-2015-1629
CVE-2015-1629 is a Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) of Microsoft Exchange Server 2013 SP1 with CU7. The root cause is improper sanitization of page content in OWA, allowing remote attackers to inject arbitrary script/HTML via a crafted URL. Affected product: Micro...
Microsoft Exchange Server Privilege Escalation Vulnerability (3040856)
This host is missing an important security update according to Microsoft Bulletin MS15-026. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
KLA10591 Code injection in Microsoft Exchange Server
Multiple XSS vulnerabilities were found in Microsoft Exchange Server. By exploiting these vulnerabilities malicious users can inject arbitrary web script or spoof user interface. These vulnerabilities can be exploited remotely via a specially designed URL, msgParam or other unknown vectors...