Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.
http://www.securityfocus.com/bid/8832
http://www.kb.cert.org/vuls/id/435444
http://www.cert.org/advisories/CA-2003-27.html
http://marc.info/?l=bugtraq&m=106631918405915&w=2
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-047
Source: Mitre, NVD
Published: 2003-11-17
Updated: 2026-06-16
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Severity: Medium
Base Score: 6.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.24689