CVE-2001-0726 — Microsoft Exchange Server vulnerability
3 documents3 sources
Severity
7.5HIGHNVD
EPSS
9.9%
top 6.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 6
Latest updateApr 30
Description
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4