3 matches found
CVE-2015-2544
CVE-2015-2544 is a cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) of Microsoft Exchange Server 2013, affecting Cumulative Update 8/9 and SP1. The issue arises from improper handling/sanitization of crafted email content, allowing remote attackers to inject arbitrary web scri...
CVE-2015-2544
Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability."...
KLA10658 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper web request handling at Outlook Web Access can be...