6 matches found
CVE-2023-48115
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...
CVE-2023-48116
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...
Cross site scripting
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...
PT-2023-30705 · Smartertools · Smartermail
Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 Description: The issue allows stored XSS via a crafted description of a Calendar appointment. Recommendations: For versions 8495 through 8664, update to version 8747 or later to resolve the...
SmarterTools SmarterMail Security Breach
SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, Simple Mail Transfer Protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...
PT-2023-30704 · Smartertools · Smartermail
Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 before 8747 Description: The issue allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request. Recommendations: Fo...