Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized attacker to elevate privileges over a network.