Microsoft Outlook Express URI Obfuscation Vulnerability

Microsoft Outlook Express URI Obfuscation Vulnerability

No exploit is required. The following proof of concept is reported to be sufficient to trigger this issue:

<BASE href=http://www.example1.com target=_top>
<A href="http://www.example2.com">http://www.example1.com</A>