2 matches found
CVE-2019-15072 Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting XSS vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities...
CVE-2019-15072
The CVE-2019-15072 issue affects Openfind MAIL2000 Webmail: login functionality at /cgi-bin/portal for MAIL2000 versions up to 6.0 and 7.0. The vulnerability is Cross-Site Scripting (XSS) caused by lack of proper validation of client data in the WEB application, enabling an attacker to execute ar...