Exploit POC for CVE-2023-23397
Appointment.cs : the modified file from https://github.com/Sicos1977/MsgKit/blob/master/MsgKit/Appointment.cs
Exploit.cs : the code i used to replicate creating the malicious appointment . i modified the code picture in MDSEC article here : https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/
MsgKit.dll : the compiled library from https://github.com/Sicos1977/MsgKit/blob/master/MsgKit which you need to modify to make the exploit work
this POC created for research purposes and am not responsible for any malicious use.