Vulnerability Details CVE-2004-0203
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.257
EPSS Ranking 96.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.kb.cert.org/vuls/id/948750
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-026
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16583
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2016
- http://www.kb.cert.org/vuls/id/948750
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-026
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16583
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2016
Products affected by CVE-2004-0203
-
cpe:2.3:a:microsoft:exchange_server:5.5