219 matches found
Design/Logic Flaw
Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...
CVE-2022-31200
Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...
CVE-2022-31200
Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...
Atmail 跨站脚本漏洞
Atmail is an email hosting service from Atmail. It is used to ensure that customer email platforms are secure, stable, scalable and private. A security vulnerability exists in Atmail version 5.62, which stems from the presence of a cross-site scripting XSS vulnerability...
CVE-2022-31200
The CVE-2022-31200 issue affects Atmail 5.62 and is described as a cross-site scripting (XSS) vulnerability exploitable via the mail/parse.php file with crafted URL parameters (html/$this->Language/help/filexp.html&FirstLoad=1&HelpFile=file.html). Multiple connected sources corroborate a vulne...
Atmail <= 6.5.0 XSS Vulnerability
Atmail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:atmail:atmail"; if...
Atmail Cross-Site Scripting Vulnerability (CNVD-2022-66695)
Atmail is an email hosting service from Atmail. Atmail version 6.5.0 contains a cross-site scripting vulnerability that originates from an incorrect parameter in index.php/admin/index/ and can be exploited to execute JavaScript code...
CVE-2022-30776
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...
CVE-2022-30776
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...
CVE-2022-30776
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...
Cross site scripting
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...
CVE-2022-30776
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...
CVE-2022-30776
Affected software: Atmail 6.5.0. Vulnerability: Cross-site scripting (XSS) via the index.php/admin/index/ 'error' parameter. Root cause: Improper handling/input validation of the error parameter leads to script execution in the victim’s browser. Impact (as described): attackers could execute mali...
Atmail 跨站脚本漏洞
Atmail is an email hosting service from Atmail. Atmail version 6.5.0 contains a cross-site scripting vulnerability that originates from an incorrect parameter in index.php/admin/index/ and can be exploited to execute JavaScript code...
AtMail Cross-Site Scripting Vulnerability (CNVD-2021-93369)
AtMail is an open source WebMail client from Atmail Australia, which provides Webmail interface, address book management, calendar and other features, and supports IMAP, video mail, etc. A cross-site scripting vulnerability exists in the WebAdmin control panel of AtMail version 6.5.0. An attacker...
CVE-2021-43574
WebAdmin Control Panel in Atmail 6.5.0 a version released in 2012 allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-43574
WebAdmin Control Panel in Atmail 6.5.0 a version released in 2012 allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Cross site scripting
UNSUPPORTED WHEN ASSIGNED WebAdmin Control Panel in Atmail 6.5.0 a version released in 2012 allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-43574
WebAdmin Control Panel in Atmail 6.5.0 a version released in 2012 allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-43574
CVE-2021-43574 affects Atmail 6.5.0 (WebAdmin/Control Panel). The vulnerability is a cross-site scripting (XSS) flaw exposed via the format parameter to the default URI, allowing injected script/HTML to run in the victim’s browser. Documented across multiple sources (NVD, Nuclei template, CNVD/CN...