Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka "Exchange URL Redirection Vulnerability."
                
            References
                    Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2014-12-11 00:59
Updated : 2025-04-12 10:46
NVD link : CVE-2014-6336
Mitre link : CVE-2014-6336
CVE.ORG link : CVE-2014-6336
JSON object : View
Products Affected
                microsoft
- exchange_server
CWE
                
                    
                        
                        CWE-20
                        
            Improper Input Validation
