CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
45.5%
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the “compose page” feature, then accessing the file from the cache directory before saving or sending the message.
Vendor | Product | Version | CPE |
---|---|---|---|
rockliffe | mailsite_express | * | cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:* |