6 matches found
CVE-2024-28063
Kiteworks Totemomail through 7.0.0 allows /responsiveUI/EnvelopeOpenServlet envelopeRecipient reflected XSS...
CVE-2024-28063
Kiteworks Totemomail through 7.0.0 allows /responsiveUI/EnvelopeOpenServlet envelopeRecipient reflected XSS...
CVE-2024-28063
Kiteworks Totemomail through 7.0.0 allows /responsiveUI/EnvelopeOpenServlet envelopeRecipient reflected XSS...
CVE-2024-28063
Kiteworks Totemomail through 7.0.0 allows /responsiveUI/EnvelopeOpenServlet envelopeRecipient reflected XSS...
PT-2024-22244 · Kiteworks · Kiteworks Totemomail
Name of the Vulnerable Software and Affected Versions: Kiteworks Totemomail versions through 7.0.0 Description: The issue allows for reflected XSS through the /responsiveUI/EnvelopeOpenServlet endpoint, specifically targeting the envelopeRecipient parameter. This enables potential attackers to...
PT-2024-22245 · Kiteworks · Kiteworks Totemomail
Name of the Vulnerable Software and Affected Versions: Kiteworks Totemomail versions 7.x through 8.2.1 Description: The issue allows for directory traversal, enabling unauthenticated file read and delete operations, as well as write operations, through the /responsiveUI/EnvelopeOpenServlet...