CVE-2026-42897: Microsoft Exchange Server Cross-Site Scripting

Microsoft Exchange Server Cross-Site Scripting Vulnerability. Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.

Browse the CVE database

Read the full analysis on IntelFusions