Lucene search
Japan Vulnerability NotesJVN:26860747HistoryApr 23, 2015 - 12:00 a.m.
JVN#26860747: TransmitMail vulnerable to cross-site scripting
2015-04-2300:00:00
Japan Vulnerability Notes
jvn.jp
19
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
48.1%
TransmitMail is a PHP based mail form. TransmitMail contains a cross-site scripting (CWE-79) vulnerability due to the processing of file names.
Impact
An arbitrary script may be executed on the userβs web browser.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- TransmitMail 1.0.11 to 1.5.8
Related
cve
cve
CVE-2015-0910
2015-04-24 01:59:00
prion
prion
Cross site scripting
2015-04-24 01:59:00
cvelist
cvelist
CVE-2015-0910
2015-04-24 01:00:00
nvd
nvd
CVE-2015-0910
2015-04-24 01:59:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
48.1%
Related for JVN:26860747