CVE-2026-42897
Known Exploited (CISA KEV)HIGH
7.4
CVSS Severity Score
Vulnerability Description
Microsoft Microsoft is vulnerable to Microsoft Exchange Server Cross-Site Scripting Vulnerability. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Platforms (CPE)
📦
Microsoft