Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1629


Vulnerability Score 4.3 4.3
CVE Id CVE-2015-1629
Last Modified 11 Sep 2015 11:53:20
Published 11 Mar 2015 06:59:32
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "ExchangeDLP Cross Site Scripting Vulnerability."

Vulnerable Systems


  • Microsoft Exchange Server 2013


MS - MS15-026

SECTRACK - 1031900

Related Patches

MS15-026 Security Update For Exchange Server 2013 SP1 (KB3040856)

MS15-026 Security Update For Exchange Server 2013 CU7 (KB3040856)

Last Updated: 27 May 2016 11:08:04