Lucene search
HistoryMar 18, 2024 - 1:15 a.m.
CVE-2023-39223
cve-2023-39223
stored xss
a.k.i software
pmailserver
pmailserver2
security vulnerability
web security
Stored cross-site scripting vulnerability exists in CGIs included in A.K.I Software’s PMailServer/PMailServer2 products. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser.
Affected configurations
Node
a.k.i_softwarepmc.exeMatch2.5.1.720
a.k.i_softwarepmam.exeMatch2.5.1.1411
a.k.i_softwarepmum.exe_\(standard_edition\)Match2.5.1.25451
a.k.i_softwarepmum.exe_\(pro_edition\)Match2.5.1.25452
a.k.i_softwarepmum.exe_\(standard_\+_imap4_edition\)Match2.5.1.25453
a.k.i_softwarepmum.exe_\(pro_\+_imap4_edition_\/_enterprise_edition\)Match2.5.1.25454
CNA Affected
[
{
"vendor": "A.K.I Software",
"product": "pmc.exe",
"versions": [
{
"version": "2.5.1.720 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmam.exe",
"versions": [
{
"version": "2.5.1.1411 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Standard edition)",
"versions": [
{
"version": "2.5.1.25451 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Pro edition)",
"versions": [
{
"version": "2.5.1.25452 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Standard + IMAP4 edition)",
"versions": [
{
"version": "2.5.1.25453 and earlier ",
"status": "affected"
}
]
},
{
"vendor": "A.K.I Software",
"product": "pmum.exe (Pro + IMAP4 edition / Enterprise edition)",
"versions": [
{
"version": "2.5.1.25454 and earlier ",
"status": "affected"
}
]
}
]
