Arbitrary Web Script Execution via XSS in Microsoft Exchange Server 5.5 OWA Compose New Message Form

Arbitrary Web Script Execution via XSS in Microsoft Exchange Server 5.5 OWA Compose New Message Form

CVE-2003-0712 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.