exploitDog

GHSA-3gv6-jr8r-hr5r

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("jav&#X41sc ript:") in an IMG tag.

Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("jav&#X41sc ript:") in an IMG tag.

Ссылки

EPSS

Процентиль: 96%

0.22959

Средний

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2005-0563

nvd

больше 20 лет назад

Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("jav&#X41sc
ript:") in an IMG tag.

EPSS

Процентиль: 96%

0.22959

Средний

CVE ID

Дефекты

CWE-79