Behavior functioning as intended, Microsoft reportedly says, and offers mitigation advice instead
Security Advisory: Critical Vulnerability for Microsoft Exchange
Microsoft Exchange Server — Attack 2021, by Dhanishtha Awasthi
How to Mitigate CVE-2022-41040- A 0-Day SSRF Vulnerability in Microsoft Exchange Server - The Sec Master
Nicolas Joly (@n_joly) / X
Microsoft Exchange Server Zero-Day Vulnerabilities Exploited
OWASSRF: CrowdStrike Identifies New Method for Bypassing ProxyNotShell Mitigations
Microsoft Exchange servers are getting hacked via ProxyShell exploits
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server, MSRC Blog
ProxyNotShell— the story of the claimed zero days in Microsoft Exchange, by Kevin Beaumont
Security Advisory: Critical Vulnerability for Microsoft Exchange
Microsoft Exchange Server-Side Forgery Request (Proxylogin)
Zero Day Initiative — Unpatched Powerful SSRF in Exchange OWA – Getting Response Through Attachments