Microsoft Office Online Server open to SSRF-to-RCE exploit
![Microsoft Office Online Server open to SSRF-to-RCE exploit](https://portswigger.net/cms/images/aa/6d/ba04-article-ms_online.jpg)
Behavior functioning as intended, Microsoft reportedly says, and offers mitigation advice instead
![](https://portswigger.net/cms/images/aa/6d/ba04-article-ms_online.jpg)
Microsoft Office Online Server open to SSRF-to-RCE exploit
![](https://www.bleepstatic.com/images/news/security/microsoft/exchange/proxyshell/active-exploitation/backdoors/rich-tweet.jpg)
Microsoft Exchange servers are getting hacked via ProxyShell exploits
![](https://www.volexity.com/wp-content/uploads/2021/03/MS-Exchange-graphic-banner.png)
Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
![](https://miro.medium.com/v2/resize:fit:802/0*Ey8ZXRAnTb-caH9F.png)
Beginner Guide To Exploit Server Side Request Forgery (SSRF) Vulnerability, by Muh. Fani Akbar
![](https://www.stellarinfo.com/blog/wp-content/uploads/2022/10/run-eomt-v2-scripts-to-mitigate-risks-proxylogon.png)
Attackers Exploit New Zero-Day ProxyNotShell Vulnerabilities on Exchange Server
![](https://cdn.infrasos.com/wp-content/uploads/2024/01/Untitled-2-1.png)
Zero-Day Vulnerabilities in Microsoft Exchange: A Deep Dive
![](https://cymulate.com/uploaded-files/2022/04/image-png-Mar-15-2021-11-08-56-50-AM.png)
The Mechanics of The APT Attack on Microsoft Exchange
![](https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/3707021b-7ec7-4d27-a848-93cfbbebf1bd/exploit.png)
Zero Day Initiative — Unpatched Powerful SSRF in Exchange OWA – Getting Response Through Attachments
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt1c826a0ad0fbf0cb/654e399738ae8e040a02da22/sharepoint_monticello_shutterstock.jpg)
Researchers Release Details of New RCE Exploit Chain for SharePoint