3 matches found
Design/Logic Flaw
REDDOXX MailDepot 2033 aka 2.3.3022 allows XSS via an incoming HTML e-mail message...
CVE-2020-26554
REDDOXX MailDepot 2033 (2.3.3022) is affected by a persistent Cross-site Scripting (XSS) in incoming HTML e-mails (CWE-79). The SySS advisory SYSS-2020-037 indicates the vulnerability arises from processing HTML mail, allowing script execution in the context of the user’s browser when viewing mes...
MailDepot 2033 2.3.3022 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2020-037 Product: MailDepot Manufacturer: REDDOXX GmbH Affected Versions: 2033 2.3.3022 Tested Versions: 2033 2.3.3022 Vulnerability Type: Persistent Cross-site Scripting CWE-79 Risk Level: High Solution Status: Open Manufacturer...