4 matches found
CVE-2013-6017
creationtimestamp| type| source ---|---|--- 2014-01-14 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39015...
CVE-2013-6017
Cross-site scripting XSS vulnerability in Atmail Webmail Server before 7.2 allows remote attackers to inject arbitrary web script or HTML via the body of an e-mail message, as demonstrated by the SRC attribute of an IFRAME element...
CVE-2013-6017
Atmail Webmail Server prior to 7.2 is vulnerable to stored cross-site scripting (XSS) via the body of an e-mail message, demonstrated by an IFRAME SRC attribute. The flaw exists in Atmail Webmail Server versions 6.x/7.x before 7.2.0 and is caused by input validation issues in email handling. Succ...
Atmail Webmail Server version 7.1.3 contains cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities
Overview Atmail Webmail Server version 7.1.3 and possibly earlier versions contain stored cross-site scripting XSS CWE-79 and cross-site request forgery CSRF CWE-352 vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' -...