1544 matches found
CVE-2026-45501
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-35506
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-35681
Improper control of generation of code 'code injection' in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network...
EUVD-2026-35679
Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
CVE-2026-45503
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
CVE-2026-45501
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-47631
The CVE-2026-47631 entry concerns Microsoft Exchange Server with a vulnerability in the rendering of web pages, described as improper neutralization of input during web page generation (cross-site scripting). The underlying issue allows an unauthorized attacker to spoof users over the network. Th...
CVE-2026-47631 Microsoft Exchange Server Spoofing Vulnerability
...
CVE-2026-45583 Microsoft Exchange Server Remote Code Execution Vulnerability
...
CVE-2026-45504 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-45583 Microsoft Exchange Server Remote Code Execution Vulnerability
...
CVE-2026-45504 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-45504
CVE-2026-45504 is an SSRF-based elevation of privilege in Microsoft Exchange Server . The entry notes an attacker who is authorized can elevate privileges over the network. CVSS v3.1 base score is 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and LOW privileges required, with NONE...
CVE-2026-45503 Microsoft Exchange Server Information Disclosure Vulnerability
...
CVE-2026-45502 Microsoft Exchange Server Information Disclosure Vulnerability
...
CVE-2026-45503 Microsoft Exchange Server Information Disclosure Vulnerability
...
CVE-2026-45501
CVE-2026-45501 concerns Microsoft Exchange Server. The issue is improper neutralization of input during web page generation, i.e., a cross-site scripting vulnerability that can allow an unauthorized attacker to perform spoofing over a network. CVSS 3.1 base score 6.5 (Medium): attack vector Netwo...
CVE-2026-45501 Microsoft Exchange Server Spoofing Vulnerability
...
CVE-2026-45500 Microsoft Exchange Server Spoofing Vulnerability
...
CVE-2026-45500
CVE-2026-45500: A cross-site scripting issue in Microsoft Exchange Server arises from improper neutralization of input during web page generation. This vulnerability could enable an unauthorized attacker to perform spoofing over the network. Documents identify Microsoft Exchange Server as affecte...