Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
microsoft exchange server 2010 |
Vulmon