Multiple OWA xss vulnerabilities - MS15-026ID: oval:org.secpod.oval:def:23751 | Date: (C)2015-03-11 (M)2024-03-26 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS15-026. The update is required to fix multiple OWA xss vulnerabilities. The flaws are present in the application, which fail to properly sanitize page content in Outlook Web App. Successful exploitation could allow attackers to execute arbitrary code.
Platform: |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Product: |
Microsoft Exchange Server 2013 |