Lucene search
K

33 matches found

Securelist
Securelist
added 2024/12/12 10:0 a.m.9 views

Careto is back: what’s new after 10 years of silence?

During the first week of October, Kaspersky took part in the 34th Virus Bulletin International Conference, one of the longest-running cybersecurity events. There, our researchers delivered multiple presentations, and one of our talks focused on newly observed activities by the Careto threat actor...

7.1AI score
Exploits0
OSV
OSV
added 2024/11/15 11:15 a.m.3 views

CVE-2024-11182

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...

6.1CVSS6AI score0.17105EPSS
Exploits0References2
NVD
NVD
added 2024/11/15 11:15 a.m.23 views

CVE-2024-11182

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...

6.1CVSS0.17105EPSS
Exploits0References2
CVE
CVE
added 2024/11/15 10:43 a.m.193 views

CVE-2024-11182

MDaemon Email Server is affected by CVE-2024-11182: an XSS in HTML emails containing JavaScript in an img tag, exploitable in the webmail UI prior to version 24.5.1c. Impact is loading arbitrary JavaScript in the browser context of a webmail user. The vendor patched to 24.5.1c (Nov 14, 2024); exp...

6.1CVSS6AI score0.17105EPSS
In wildExploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/15 10:43 a.m.17 views

CVE-2024-11182 Stored XSS vulnerability in MDaemon Email Server

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...

5.3CVSS6.3AI score0.17105EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 10:43 a.m.46 views

CVE-2024-11182 Stored XSS vulnerability in MDaemon Email Server

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...

5.3CVSS0.17105EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.4 views

PT-2024-16805

Name of the Vulnerable Software and Affected Versions MDaemon Email Server versions prior to 24.5.1c Description An XSS issue was discovered in MDaemon Email Server, allowing a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window by sending an HTML...

6.4CVSS7.7AI score0.17105EPSS
Exploits0References41
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.5 views

MDaemon Email Server 安全漏洞

MDaemon Email Server is an email server from MDaemon, Inc. A security vulnerability exists in MDaemon Email Server versions prior to 24.5.1c, which stems from the presence of a cross-site scripting XSS vulnerability that could allow a remote attacker to load arbitrary JavaScript code in the conte...

6.1CVSS8.4AI score0.17105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/11/15 12:0 a.m.7 views

CVE-2024-11182

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user’s browser window. Recent assessments: Assess...

6.1CVSS6.3AI score0.17105EPSS
In wildExploits0References2
OSV
OSV
added 2019/12/17 7:15 p.m.5 views

CVE-2019-19497

MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message...

5.4CVSS6.1AI score0.00602EPSS
Exploits1References2
Prion
Prion
added 2019/12/17 7:15 p.m.17 views

Cross site scripting

MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message...

3.5CVSS5.2AI score0.00602EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/12/17 6:40 p.m.23 views

CVE-2019-19497

MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message...

5.3AI score0.00602EPSS
Exploits1References2
NVD
NVD
added 2019/07/16 1:15 p.m.18 views

CVE-2019-13612

MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB and limits checks to 10 MB even with special configuration, which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious...

7.5CVSS7.5AI score0.01321EPSS
Exploits0References1
Rows per page
Query Builder