Microsoft Exchange Server vulnerability CVE-2026-42897 under active exploitation
Cross-site scripting flaw in on-premise Exchange servers enables spoofing attacks via crafted emails.
Tag: cross-site scripting
CISA Adds Microsoft Exchange XSS Vulnerability to KEV Catalog
CVE-2026-42897 joins the Known Exploited Vulnerabilities list following evidence of active exploitation in the wild.