Microsoft Exchange Server Outlook Web Access Script Injection Vulnerability

Microsoft Exchange Server Outlook Web Access Script Injection Vulnerability

Attackers can exploit this issue by sending a malicious email. Exploit code is not required.

A proof of concept that targets browsers other than Internet Explorer is available.

/data/vulnerabilities/exploits/OWA_poc.pl