CISA Warns of Microsoft Exchange Server Vulnerability Exploited in Attacks

CISA has issued a fresh warning about a newly disclosed Microsoft Exchange Server vulnerability that is already being exploited in real-world attacks, raising concerns for organizations relying on on-premises email infrastructure. The flaw CVE-2026-42897 is a cross-site scripting (XSS) vulnerability affecting Microsoft Exchange Server, specifically within Outlook Web Access (OWA). According to the official advisory, the […] The post CISA Warns of Microsoft Exchange Server Vulnerability Exploited in Attacks appeared first on Cyber Security News.