2 matches found
Atmail 6.5.0 - Cross-Site Scripting
Atmail 6.5.0 contains a cross-site scripting vulnerability via the index.php/admin/index/ 'error' parameter. id: CVE-2022-30776 info: name: Atmail 6.5.0 - Cross-Site Scripting author: 3th1cyuk1 severity: medium description: | Atmail 6.5.0 contains a cross-site scripting vulnerability via the...
CVE-2022-30776
Affected software: Atmail 6.5.0. Vulnerability: Cross-site scripting (XSS) via the index.php/admin/index/ 'error' parameter. Root cause: Improper handling/input validation of the error parameter leads to script execution in the victim’s browser. Impact (as described): attackers could execute mali...