Cross site scripting

2022-11-1823:15:00

PRIOn knowledge base

www.prio-n.com

seppmail

cross-site scripting

xss

vulnerability

recipient address

nvd

0.001 Low

EPSS

Percentile

34.2%

JSON

The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address.

CPENameOperatorVersion
seppmaileq11.1.10

CPE	Name	Operator	Version
	seppmail	eq	11.1.10

References

www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/

0.001 Low

EPSS

Percentile

34.2%

JSON

Related for PRION:CVE-2021-31739