CVE-2018-16793
CVE-2018-16793 : Concrete details across connected sources show a server-side request forgery (SSRF) in Rollup 18 for Microsoft Exchange Server 2010 SP3 and earlier, exploitable via the username parameter in the OWA login page (/owa/auth/logon.aspx). The underlying issue is a SSRF condition that ...