Vulnerability Details CVE-2004-0203
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.147
EPSS Ranking 94.6%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.kb.cert.org/vuls/id/948750
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-026
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16583
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2016
- http://www.kb.cert.org/vuls/id/948750
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-026
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16583
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2016
Products affected by CVE-2004-0203
-
cpe:2.3:a:microsoft:exchange_server:5.5