Home/Tag/Owa

Owa

3 articles tagged with "Owa"

Vulnerabilities4 min read

Microsoft Finally Patches Exchange OWA Zero-Day After 26-Day Wait

Microsoft releases CVE-2026-42897 fix for Exchange Server OWA XSS vulnerability exploited since May. ESU-only updates for 2016/2019 leave many systems exposed.

Marcus ChenJun 12, 2026

Vulnerabilities4 min read

Exchange OWA Zero-Day CVE-2026-42897 Exploited — No Patch

Microsoft Exchange Server zero-day CVE-2026-42897 enables session hijacking via malicious emails. Active exploitation confirmed with no permanent fix available.

Marcus ChenJun 1, 2026

Vulnerabilities3 min read

Exchange Server Zero-Day CVE-2026-42897 Exploited via Crafted Emails

Microsoft confirms active exploitation of CVE-2026-42897, an XSS flaw in Exchange OWA that executes JavaScript via malicious emails. No patch available yet.

Marcus ChenMay 16, 2026