Cross site scripting

A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. This client-side attack requires user interaction opening a link and successful exploitation could lead to encrypted e-mail content leakage via messages/sent?format=js and popup?format=js...

CVE-2017-13860

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "Mail Drafts" component. It allows man-in-the-middle attackers to read e-mail content by leveraging mishandling of S/MIME credential encryption...

Design/Logic Flaw

Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."...

CVE-2013-4698

Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox...

CVE-2012-0307

Multiple cross-site scripting XSS vulnerabilities in Symantec Messaging Gateway SMG before 10.0 allow remote attackers to inject arbitrary web script or HTML via 1 web content or 2 e-mail content...

CVE-2012-0307

Multiple cross-site scripting XSS vulnerabilities in Symantec Messaging Gateway SMG before 10.0 allow remote attackers to inject arbitrary web script or HTML via 1 web content or 2 e-mail content...