Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.
Score CVSS v2.0
4.3
/ 10.0
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Informations
- Publié
- 17 nov. 2003
- Mis à jour
- 16 avr. 2026
- Statut
- Modified
- Source
- cve@mitre.org
Produits affectés
microsoft exchange server
Versions : 5.5
Faiblesses (CWE)
CWE-79
Références (10)
- http://marc.info/?l=bugtraq&m=106631918405915&w=2Mailing ListThird Party Advisory
- http://www.cert.org/advisories/CA-2003-27.htmlThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/435444PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/8832PatchThird Party AdvisoryVDB Entry
- http://marc.info/?l=bugtraq&m=106631918405915&w=2Mailing ListThird Party Advisory
- http://www.cert.org/advisories/CA-2003-27.htmlThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/435444PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/8832PatchThird Party AdvisoryVDB Entry
CVEs similaires
Autres vulnérabilités de type CWE-79
Loading…
Surveillez vos produits
Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.