Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
Software | From | Fixed in |
---|---|---|
microsoft / exchange_server | 5.5 | 5.5.x |
microsoft / exchange_server | 5.5-sp1 | 5.5-sp1.x |
microsoft / exchange_server | 5.5-sp2 | 5.5-sp2.x |
microsoft / exchange_server | 5.5-sp3 | 5.5-sp3.x |
microsoft / exchange_server | 5.5-sp4 | 5.5-sp4.x |