Information security
fromtheregister
16 hours agoExploited Exchange Server flaw turns OWA inboxes into script launchpads
CVE-2026-42897 in on-prem Exchange OWA can enable arbitrary JavaScript execution via crafted emails, with emergency mitigation potentially breaking inline images and calendar printing.