Rumble Mail Server is a mail server suite for SMTP (ESMTPSA), HTTP, POP3 and IMAP4v1 by Daniel Gruno, a personal developer.A cross-site scripting vulnerability exists in Rumble Mail Server version 0.51.3135, which stems from the username parameterβs lack of data validation filtering for user The vulnerability stems from a lack of checksum filtering of user-supplied data and output data in the username parameter. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
rumble mail server rumble mail server | eq | 0.51.3135 |