9 matches found
CVE-2018-15513
Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by leveraging access to a read-only auditor role...
CVE-2018-15511
Cross-site scripting XSS vulnerability in the 'Notification template' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML...
CVE-2018-15510
Cross-site scripting XSS vulnerability in the 'Certificate' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML...
Cross site scripting
Cross-site scripting XSS vulnerability in the 'Certificate' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML...
Cross site scripting
Cross-site scripting XSS vulnerability in the 'Authorisation Service' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML...
CVE-2018-15511
CVE-2018-15511 – totemomail 6.0.0 build 570 suffers a cross-site scripting (XSS) vulnerability in the Notification template feature. The description confirms an attacker can inject arbitrary web script or HTML via this feature. Connected sources (NVD/NVD-derived records, PRION/CVE lists, and EUVD...
CVE-2018-15511
Cross-site scripting XSS vulnerability in the 'Notification template' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML...
CVE-2018-15510
The vulnerability CVE-2018-15510 affects totemomail 6.0.0 build 570 in the Certificate feature, where an XSS flaw allows remote attackers to inject arbitrary web script or HTML. Documents indicate the issue is real but do not provide exploit details, affected versions beyond the specific build, i...
CVE-2018-15513
Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by leveraging access to a read-only auditor role...