Microsoft · Outlook Web Access · CVE-2018-8153
**Name of the Vulnerable Software and Affected Versions**
Microsoft Exchange Server (affected versions not specified)
**Description**
A spoofing issue exists when Outlook Web Access (OWA) fails to properly handle web requests. This could allow an attacker to perform script or content injection attacks and trick users into disclosing sensitive information. An attacker could also redirect users to a malicious website that could spoof content or be used to chain an attack with other vulnerabilities in web services.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.