Microsoft

Exchange Server

220 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-1632

  • EPSS 6.64%
  • Veröffentlicht 11.03.2015 10:59:34
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via the msgParam parameter in an authError ...

4.3

CVE-2015-1630

  • EPSS 6.94%
  • Veröffentlicht 11.03.2015 10:59:33
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Audit Report Cross Site Scripting V...

4.3

CVE-2015-1629

  • EPSS 6.94%
  • Veröffentlicht 11.03.2015 10:59:32
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "ExchangeDLP Cross Site Scripting Vu...

4.3

CVE-2015-1628

  • EPSS 6.94%
  • Veröffentlicht 11.03.2015 10:59:31
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted X-OWA-Canary cookie in an AD.RecipientType.Us...

3.5

CVE-2014-6336

  • EPSS 3.8%
  • Veröffentlicht 11.12.2014 00:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unsp...

4.3

CVE-2014-6326

  • EPSS 5.13%
  • Veröffentlicht 11.12.2014 00:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2...

4.3

CVE-2014-6325

  • EPSS 5.13%
  • Veröffentlicht 11.12.2014 00:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability," a different vulnerability than CVE-2...

5

CVE-2014-6319

  • EPSS 5.14%
  • Veröffentlicht 11.12.2014 00:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the origin of e-mail messages via unspecified vectors, a...

4.3

CVE-2013-5072

  • EPSS 6.19%
  • Veröffentlicht 11.12.2013 00:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerabili...

6.8

CVE-2013-0418

  • EPSS 25.1%
  • Veröffentlicht 17.01.2013 01:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability t...