← back
CVE-2010-2091

CVE-2010-2091

EPSS 17.9%
Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/12728unverifiedexploitdbwww.exploit-db.com/exploits/12728unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/58835http://www.exploit-db.com/exploits/12728http://www.securityfocus.com/archive/1/511401/100/0/threadedhttp://www.securityfocus.com/archive/1/511416/100/0/threadedhttp://www.securityfocus.com/archive/1/511448/100/0/threaded