Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Microsoft Exchange Server Cross-Site Scripting Vulnerability Allowing Spoofing

Vulnerability

Exploited

A cross-site scripting vulnerability has been identified in Microsoft Exchange Server. This issue arises from improper input neutralization during web page generation, allowing an unauthorized attacker to perform spoofing over the network. The vulnerability affects multiple versions of Microsoft Exchange Server, including the Subscription Edition RTM, Exchange Server 2019 Cumulative Update 15, Exchange Server 2019 Cumulative Update 14, and Exchange Server 2016 Cumulative Update 23.

Impact

Exploitation of this vulnerability allows for spoofing attacks, where an attacker can impersonate another user or entity.

Remediation

Users can enable the Exchange Emergency Mitigation Service, which provides automatic mitigation for this vulnerability. More information and instructions are available on the Microsoft Exchange blog.

Added: May 14, 2026, 6:25 PM

Updated: May 15, 2026, 5:05 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

1.7

exploitability

8.3

remediation

7.9

relevance

8.3

threat

8.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

1.7

exploitability

8.3

remediation

7.9

relevance

8.3

threat

8.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Microsoft Exchange Server Cross-Site Scripting Vulnerability Allowing Spoofing

Vulnerability

Impact

Remediation

Affected Products

Microsoft Exchange Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating