CVE-2020-0903

Published: Mar 12, 2020

Modified: Feb 28, 2025

PUBLISHED

Description

A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.

Vendor	Product	Versions
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 4	affected `unspecified`
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 15	affected `unspecified`
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 3	affected `unspecified`
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 14	affected `unspecified`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0903

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-0903

Description

Affected Products

References