Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted X-OWA-Canary cookie in an AD.RecipientType.User action, aka "OWA Modified Canary Parameter Cross Site Scripting Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Outlook Web App 跨站脚本漏洞
Vulnerability Description
Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序,它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。Outlook Web App(OWA)是其中的一个用于访问Exchange邮箱的Web浏览器版本。 Microsoft Exchange Server中的OWA存在跨站脚本漏洞,该漏洞源于程序无法正确整理OWA中的页面内容。攻击者可以通过修改OWA中的属性,然后诱使用户浏览目标OWA站点利用该漏洞在当前用户的上下文中运行脚本。以下产品及版
CVSS Information
N/A
Vulnerability Type
N/A