0.001 Low
EPSS
Percentile
43.5%
An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS can occur via an ‘<object data="data:text/html’ substring in an e-mail message (The vendor subsequently patched this).
gist.github.com/keniver/1f6092242ee79a8456a86bb7624bc171
www.openfind.com.tw/taiwan/download/m2k/patch/Openfind_OF-ISAC-19-004.pdf
www.openfind.com.tw/taiwan/download/m2k/patch/Openfind_OF-ISAC-19-005.pdf