Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.
CVSS v2.0 Score
4.3
/ 10.0
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Information
- Published
- 17 nov. 2003
- Updated
- 16 avr. 2026
- Status
- Modified
- Source
- cve@mitre.org
Affected products
microsoft exchange server
Versions : 5.5
Weaknesses (CWE)
CWE-79
References (10)
- http://marc.info/?l=bugtraq&m=106631918405915&w=2Mailing ListThird Party Advisory
- http://www.cert.org/advisories/CA-2003-27.htmlThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/435444PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/8832PatchThird Party AdvisoryVDB Entry
- http://marc.info/?l=bugtraq&m=106631918405915&w=2Mailing ListThird Party Advisory
- http://www.cert.org/advisories/CA-2003-27.htmlThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/435444PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/8832PatchThird Party AdvisoryVDB Entry
Similar CVEs
Other vulnerabilities of type CWE-79
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.