8 matches found
CVE-2024-47227
iRedAdmin before 2.6 allows XSS, e.g., via ordername...
CVE-2024-47227
iRedAdmin before 2.6 allows XSS, e.g., via ordername...
CVE-2024-47227
iRedAdmin before 2.6 allows XSS, e.g., via ordername...
CVE-2024-47227
iRedAdmin before 2.6 allows XSS, e.g., via ordername...
iRedAdmin 安全漏洞
iRedAdmin is a free open source mail server solution from iRedAdmin Open Source. A security vulnerability exists in iRedAdmin prior to version 2.6 that stems from the ordername parameter containing a cross-site scripting vulnerability...
CVE-2024-47227
iRedAdmin before 2.6 allows XSS, e.g., via ordername...
CVE-2024-47227
CVE-2024-47227 affects iRedAdmin prior to 2.6, where an XSS flaw is exploitable via the order_name parameter. The vulnerability arises from how user-supplied input in this field is handled, enabling the attacker to inject and execute scripts in the context of the affected web application. Impact ...
PT-2024-32486 · Iredadmin · Iredadmin
Name of the Vulnerable Software and Affected Versions: iRedAdmin versions prior to 2.6 Description: The issue is related to a Cross Site Scripting XSS vulnerability. This can be exploited via the order name parameter. The vulnerability allows an attacker to perform actions, view, or modify...