3 matches found
CVE-2019-9557
Ability Mail Server 4.2.6 has Persistent Cross Site Scripting XSS via the body e-mail body. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe...
CVE-2019-9557
CVE-2019-9557 : Ability Mail Server 4.2.6 is affected by a Persistent Cross-Site Scripting (XSS) vulnerability in the email body. An attacker can inject JavaScript within an iframe in the body of an email, requiring the victim to open the message for the exploit to trigger. Public materials (incl...
Ability Mail Server 4.2.6 Cross Site Scripting
Exploit Title: Persistent Cross Site Scripting Ability Mail Server 4.2.6 CVE: CVE-2019-9557 Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: https://www.codecrafters.com/AbilityMailServer Category: webapps Attack Type: Remote Impact: Data/Cookie hijackin...