
PoC Released for Microsoft Exchange SSRF Flaw That Lets Low-Privileged Users Read Files
A newly disclosed server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server 2019, tracked as CVE-2026-45504, allows any authenticated, low-privileged user to read arbitrary files from the server without additional authorization. Security researcher Batuhan Er of the HawkTrace team published the technical breakdown along with a working proof-of-concept (PoC), assigning the flaw a CVSS score […]
The post PoC Released for Microsoft Exchange SSRF Flaw That Lets Low-Privileged Users Read Files appeared first on Cyber Security News.