VYPR
Unrated severityNVD Advisory· Published Mar 12, 2020· Updated Feb 28, 2025

CVE-2020-0903

CVE-2020-0903

Description

A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.

Affected products

5
  • Microsoft/Microsoft Exchange Server 2016 Cumulative Update 14v5
    Range: unspecified
  • Microsoft/Microsoft Exchange Server 2016 Cumulative Update 15v5
    Range: unspecified
  • Microsoft/Microsoft Exchange Server 2019 Cumulative Update 3v5
    Range: unspecified
  • Microsoft/Microsoft Exchange Server 2019 Cumulative Update 4v5
    Range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.