← back
CVE-2010-3213

CVE-2010-3213

EPSS 8.5%
Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that perform Outlook requests, as demonstrated by setting the auto-forward rule.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/14285unverifiedcve_referencewww.exploit-db.com/exploits/14285unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/60164http://sites.google.com/site/tentacoloviola/pwning-corporate-webmailshttp://www.exploit-db.com/exploits/14285http://www.securityfocus.com/bid/41462