2 matches found
CVE-2021-43459
A Cross Site Scripting XSS vulnerability exists in Rumble Mail Server 0.51.3135 via the 1 domain and 2 path parameters...
CVE-2021-43459
Rumble Mail Server 0.51.3135 is vulnerable to Cross Site Scripting via the domain and path parameters. The root cause is missing data validation on user-supplied domain/path data, allowing injected JavaScript to execute in the client. Impact is client-side code execution with potential session or...