CVE-2006-1193
low
Microsoft CVSS v3 Base Score
2.6
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS Score
43.7%
Exploitation probability in 30 days
Top 2% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Confidentiality
None
Integrity
P
Availability
None
Published: June 13, 2006 (7274 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing."
CWE
CWE-79Affected Products
microsoft exchange server