SSD Advisory – Microsoft Exchange Server Information Disclosure Proof of Concept (MS15-103)
Introduction A security vulnerability in Microsoft Exchange has been discovered that allows attackers to cause the server to return the cookie information inside the HTML response. This would allow an attacker to use Javascript to access, the otherwise inaccessible, cookie information and utilize this information to login to an active Exchange Server’s OWA web …
