3 matches found
CVE-2015-1630
CVE-2015-1630 is an XSS vulnerability in Outlook Web App (OWA) for Microsoft Exchange Server 2013 SP1 and Cumulative Update 7. The issue arises in processing of user-supplied URLs in OWA (Audit Report Cross Site Scripting). Attacks can inject arbitrary script/HTML via a crafted URL, impacting web...
Microsoft Exchange Server Privilege Escalation Vulnerability (3040856)
This host is missing an important security update according to Microsoft Bulletin MS15-026. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
KLA10591 Code injection in Microsoft Exchange Server
Multiple XSS vulnerabilities were found in Microsoft Exchange Server. By exploiting these vulnerabilities malicious users can inject arbitrary web script or spoof user interface. These vulnerabilities can be exploited remotely via a specially designed URL, msgParam or other unknown vectors...