Lucene search
China National Vulnerability DatabaseCNVD-2022-63575HistoryApr 07, 2022 - 12:00 a.m.
Rumble Mail Server Cross-Site Scripting Vulnerability (CNVD-2022-63575)
2022-04-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
38.9%
Rumble Mail Server is a mail server suite for SMTP (ESMTPSA), HTTP, POP3, and IMAP4v1 from Daniel Gruno’s personal developer.Rumble Mail Server version 0.51.3135 is vulnerable to a cross-site scripting vulnerability that stems from the servername parameter lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rumble mail server rumble mail server | eq | 0.51.3135 |
Related
cve
cve
CVE-2021-43461
2022-04-04 16:15:08
nvd
nvd
CVE-2021-43461
2022-04-04 16:15:08
prion
prion
Cross site scripting
2022-04-04 16:15:00
cvelist
cvelist
CVE-2021-43461
2022-04-04 15:34:31