📄 SmarterMail 9518 Cross Site Scripting

SmarterMail versions 9518 and below have an issue where user input passed through the MailboxId GET parameter to the MAPI endpoints is not properly sanitized before being used to generate HTML output. This can be exploited by attackers to perform reflective cross site scripting attacks which, in...

EUVD-2018-19419

Malware in sbrugna...

CVE-2018-7703

Cross-site scripting XSS vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe...

CVE-2018-7703

Cross-site scripting XSS vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe...

Cross site scripting

Cross-site scripting XSS vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe...

SecurEnvoy SecurMail Cross-Site Scripting Vulnerability

SecurEnvoy SecurMail is an email application from SecurEnvoy USA. A cross-site scripting vulnerability exists in SecurEnvoy SecurMail versions prior to 9.2.501. A remote attacker can exploit this vulnerability by sending the 'mailboxid' parameter to the secmail/getmessage.exe file to inject...

CVE-2018-7703

Cross-site scripting XSS vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe...