Lucene search
K

4 matches found

Cvelist
Cvelist
added 2015/03/11 10:0 a.m.29 views

CVE-2015-1632

Cross-site scripting XSS vulnerability in errorfe.aspx in Outlook Web App OWA in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via the msgParam parameter in an authError action, aka "Exchange Error Message Cross Site...

5.3AI score0.11786EPSS
Exploits0References2
CVE
CVE
added 2015/03/11 10:0 a.m.62 views

CVE-2015-1632

The CVE-2015-1632 issue is a Cross-site scripting vulnerability in Outlook Web App (OWA) errorfe.aspx of Microsoft Exchange Server 2013 SP1 and Cumulative Update 7, exploitable via the msgParam parameter in an authError action. The root cause is improper sanitization of error messages in OWA, ena...

4.3CVSS5.5AI score0.11786EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2015/03/11 12:0 a.m.34 views

Microsoft Exchange Server Privilege Escalation Vulnerability (3040856)

This host is missing an important security update according to Microsoft Bulletin MS15-026. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

5CVSS4.9AI score0.11786EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2015/03/10 12:0 a.m.77 views

KLA10591 Code injection in Microsoft Exchange Server

Multiple XSS vulnerabilities were found in Microsoft Exchange Server. By exploiting these vulnerabilities malicious users can inject arbitrary web script or spoof user interface. These vulnerabilities can be exploited remotely via a specially designed URL, msgParam or other unknown vectors...

5CVSS6.1AI score0.11786EPSS
Exploits0References8
Rows per page
Query Builder