CVE-2005-0563

Опубликовано: 14 июн. 2005

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("jav&#X41sc ript:") in an IMG tag.

Ссылки

http://secunia.com/advisories/15697
Third Party Advisory
http://www.idefense.com/application/poi/display?id=261&type=vulnerabilities
Patch
Third Party Advisory
http://www.securityfocus.com/bid/13952
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-029
Patch
Vendor Advisory
http://secunia.com/advisories/15697
Third Party Advisory
http://www.idefense.com/application/poi/display?id=261&type=vulnerabilities
Patch
Third Party Advisory
http://www.securityfocus.com/bid/13952
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-029
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.22959

Средний

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-3gv6-jr8r-hr5r

github

больше 3 лет назад