In an Exchange Server 2013 environment, if security update 3150501 (dated June 14, 2016) is installed, HTML input tags are evaluated by a new function, and this prevents information disclosure. However, an input tag without an image such as <input type=text value=valuecontent> in the body of an email message may not be evaluated as expected and may not be displayed in Outlook Web Access.
Cumulative update information
For Exchange Server 2013This optimization is included in Cumulative Update 15 for Exchange Server 2013 or a later cumulative update for Exchange Server 2013.
PrerequisitesYou must have security update 3150501 that is dated June 14, 2016 installed to get this HTML optimization.
Article ID: 3198092 - Last Review: Dec 13, 2016 - Revision: 1