Stored cross-site scripting vulnerability exists in CGIs included in A.K.I Software’s PMailServer/PMailServer2 products. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser.
[
{
"vendor": "A.K.I Software",
"product": "pmc.exe",
"versions": [
{
"version": "2.5.1.720 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmam.exe",
"versions": [
{
"version": "2.5.1.1411 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Standard edition)",
"versions": [
{
"version": "2.5.1.25451 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Pro edition)",
"versions": [
{
"version": "2.5.1.25452 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Standard + IMAP4 edition)",
"versions": [
{
"version": "2.5.1.25453 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Pro + IMAP4 edition / Enterprise edition)",
"versions": [
{
"version": "2.5.1.25454 and earlier ",
"status": "affected"
}
]
}
]