New Microsoft Exchange ‘ProxyToken’ Flaw Lets Attackers Reconfigure Mailboxes

Details have emerged about a now-patched security vulnerability impacting the Microsoft Exchange Server that could be weaponized by an unauthenticated attacker to modify server configurations, thus leading to the disclosure of Personally Identifiable Information (PII).
The issue, tracked as CVE-2021-33766 (CVSS score: 7.3) and coined “ProxyToken,” was discovered by Le Xuan Tuyen, a researcher at

Source:: The Hackers News