Microsoft Outlook Web Access (OWA) - Information Disclosure Vulnerability

EDB-ID: 12728 CVE: 2010-2091 OSVDB-ID: 64980
Author: Praveen Darshanam Published: 2010-05-24 Verified: Not Verified
Exploit Code:   Download Vulnerable App:   N/A


Prev Home Next

"Microsoft Outlook Web Access (OWA) version"

OS: Windows Server 2003

Internet Explorer 7


There is an information disclosure vulnerability in "Microsoft Outlook Web
Access (OWA) version".

The issue is with the id parameter.

Following are different exploitation techniques:<script>alert("HHH")</script<>

Best Regards,
Praveen Darshanam,
Security Researcher,