Описание
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing."
Ссылки
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Broken Link
- Third Party Advisory
- PatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Permissions Required
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Broken Link
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:exchange_server:2000:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2000:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.58917
Средний
2.6 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing."
EPSS
Процентиль: 98%
0.58917
Средний
2.6 Low
CVSS2
Дефекты
CWE-79