Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

640 matches found

CVE
CVEadded 2024/11/15 10:43 a.m.186 views

CVE-2024-11182

MDaemon Email Server is affected by CVE-2024-11182: an XSS in HTML emails containing JavaScript in an img tag, exploitable in the webmail UI prior to version 24.5.1c. Impact is loading arbitrary JavaScript in the browser context of a webmail user. The vendor patched to 24.5.1c (Nov 14, 2024); exp...

6.1CVSS6AI score0.13521EPSS
In wildExploits0References2Affected Software1
Cvelist
Cvelistadded 2024/11/15 10:43 a.m.31 views

CVE-2024-11182 Stored XSS vulnerability in MDaemon Email Server

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...

5.3CVSS0.13521EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/11/15 10:43 a.m.15 views

CVE-2024-11182 Stored XSS vulnerability in MDaemon Email Server

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...

5.3CVSS6.3AI score0.13521EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/11/15 12:0 a.m.2 views

MDaemon Email Server 安全漏洞

MDaemon Email Server is an email server from MDaemon, Inc. A security vulnerability exists in MDaemon Email Server versions prior to 24.5.1c, which stems from the presence of a cross-site scripting XSS vulnerability that could allow a remote attacker to load arbitrary JavaScript code in the conte...

6.1CVSS8.4AI score0.13521EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/11/15 12:0 a.m.2 views

PT-2024-16805

Name of the Vulnerable Software and Affected Versions MDaemon Email Server versions prior to 24.5.1c Description An XSS issue was discovered in MDaemon Email Server, allowing a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window by sending an HTML...

6.4CVSS7.7AI score0.13521EPSS
Exploits0References41
ATTACKERKB
ATTACKERKBadded 2024/11/15 12:0 a.m.6 views

CVE-2024-11182

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user’s browser window. Recent assessments: Assess...

6.1CVSS6.3AI score0.13521EPSS
In wildExploits0References2
ATTACKERKB
ATTACKERKBadded 2023/12/31 1:15 a.m.2 views

CVE-2023-52269

MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This might allow domain administrators to conduct attacks against global administrators...

4.8CVSS5.8AI score0.00066EPSS
Exploits1References3
OSV
OSVadded 2023/12/31 1:15 a.m.3 views

CVE-2023-52269

MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This might allow domain administrators to conduct attacks against global administrators...

4.8CVSS5.8AI score0.00066EPSS
Exploits1References2
NVD
NVDadded 2023/12/31 1:15 a.m.15 views

CVE-2023-52269

MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This might allow domain administrators to conduct attacks against global administrators...

4.8CVSS0.00066EPSS
Exploits1References2
Prion
Prionadded 2023/12/31 1:15 a.m.16 views

Cross site scripting

MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This might allow domain administrators to conduct attacks against global administrators...

4.3CVSS5.9AI score0.00066EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2023/12/31 12:0 a.m.54 views

CVE-2023-52269

The connected documents identify CVE-2023-52269 as an XSS vulnerability in MDaemon SecurityGateway up to version 9.0.3, triggered by a crafted Message Content Filtering rule. The issue can allow domain administrators to execute or orchestrate attacks against global administrators. Affected softwa...

4.8CVSS4.7AI score0.00066EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2023/12/31 12:0 a.m.17 views

CVE-2023-52269

MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This might allow domain administrators to conduct attacks against global administrators...

5AI score0.00066EPSS
Exploits1References2
CNNVD
CNNVDadded 2023/12/31 12:0 a.m.5 views

Alt-N MDaemon Cross-Site Scripting Vulnerability

Alt-N MDaemon is a mail service system from Alt-N, which provides complete mail server functionality, protects users from spam, enables web login to send and receive emails, supports remote management, and protects the system against mail viruses when used in conjunction with the MDaemon AntiViru...

4.8CVSS6.2AI score0.00066EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2022/08/25 4:15 p.m.2 views

CVE-2022-37238

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the currentRequest parameter...

5.4CVSS6.1AI score0.00638EPSS
Exploits1References3
NVD
NVDadded 2022/08/25 4:15 p.m.10 views

CVE-2022-37238

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the currentRequest parameter...

5.4CVSS0.00638EPSS
Exploits1References2
Prion
Prionadded 2022/08/25 4:15 p.m.13 views

Cross site scripting

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the currentRequest parameter...

4.9CVSS5.3AI score0.00638EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2022/08/25 3:15 p.m.8 views

CVE-2022-37245

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the Blacklist endpoint...

5.4CVSS0.00548EPSS
Exploits1References2
NVD
NVDadded 2022/08/25 3:15 p.m.9 views

CVE-2022-37244

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection...

5.4CVSS0.00548EPSS
Exploits1References2
OSV
OSVadded 2022/08/25 3:15 p.m.3 views

CVE-2022-37239

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the rulleslistajax endpoint...

5.4CVSS5.8AI score0.00548EPSS
Exploits1References2
NVD
NVDadded 2022/08/25 3:15 p.m.5 views

CVE-2022-37240

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter...

9.8CVSS0.01139EPSS
Exploits1References2
Rows per page
Query Builder