3 matches found
CVE-2020-29133
jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter...
CVE-2020-29133
CVE-2020-29133 : Concrete details found in connected documents indicate a cross-site scripting (XSS) vulnerability in Coremail XT 5.0, triggered via jsp/upload.jsp in the signImgFile parameter when uploading a personal signature (demonstrated by a .jpg.html filename). Affected software/component:...
CVE-2020-29133
jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter...