2 matches found
CVE-2015-2543
CVE-2015-2543 is an XSS vulnerability in Outlook Web Access (OWA) of Microsoft Exchange Server 2013 Cumulative Update 8 and 9. The issue allows remote attackers to inject arbitrary web script or HTML via a crafted e‑mail message. Affected product details are Exchange Server 2013 CU8/CU9 (OWA); ro...
KLA10658 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper web request handling at Outlook Web Access can be...