CVE-2026-42897
HIGH
NVD
CVSS Score
8.1
Severity
HIGH
Published
May 14, 2026
Vendor
unknown
Description
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.