Security News > 2019 > June > Microsoft Outlook for Android Open to XSS Attacks
2019-06-21 19:50
A spoofing bug (CVE-2019-1105) can open the door to an email attack chain.
News URL
https://threatpost.com/microsoft-outlook-android-xss/145924/
Related news
- Microsoft shares Outlook workaround for Gmail sign-in issues (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft shares temp fix for Outlook, Word crashes when typing (source)
- Microsoft shares workaround for Outlook crashing after opening (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Microsoft fixes Outlook email sending issue for users with many folders (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-29 | CVE-2019-1105 | Cross-site Scripting vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | 3.5 |