4 matches found
CVE-2022-40778
CVE-2022-40778 affects OPSWAT MetaDefender ICAP Server prior to 4.13.0. The vulnerability is a stored XSS caused by the blocked page response, allowing an attacker to execute arbitrary JavaScript or HTML. Connected sources confirm the affected product/version and the XSS impact. The entry does no...
CVE-2022-40778
A stored Cross-Site Scripting XSS vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response...
Privilege escalation
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation...
CVE-2022-32272
CVE-2022-32272 affects OPSWAT MetaDefender Core prior to 5.1.2, MetaDefender ICAP prior to 4.12.1, and MetaDefender Email Gateway Security prior to 5.6.1. The issue is due to incorrect access control, enabling privilege escalation. The Red Hat advisory and related sources confirm the same affecte...