The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted URL. Successful exploitation could allow attackers to trick the user and potentially acquire sensitive information, such as the user's credentials.