) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- CPE Product Version: cpe:/a:microsoft:exchange_server:2013:cumulative_update_17
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-1137 |
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. Published: July 15, 2019; 3:15:21 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2017-11761 |
Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allow an input sanitization issue with Microsoft Exchange that could potentially result in unintended Information Disclosure, aka "Microsoft Exchange Information Disclosure Vulnerability" Published: September 12, 2017; 9:29:08 PM -0400 |
V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM |