Lucene search

Security Gateway For Email Servers Security Vulnerabilities - February

cve

CVE-2022-37238

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.

5.4CVSS

5.3AI Score

0.001EPSS

2022-08-25 04:15 PM

cve

CVE-2022-37239

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rulles_list_ajax endpoint.

5.4CVSS

5.3AI Score

0.001EPSS

2022-08-25 03:15 PM

cve

CVE-2022-37240

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter.

9.8CVSS

9.3AI Score

0.003EPSS

2022-08-25 03:15 PM

cve

CVE-2022-37241

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint.

5.4CVSS

5.3AI Score

0.001EPSS

2022-08-25 03:15 PM

cve

CVE-2022-37242

MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter.

9.8CVSS

9.3AI Score

0.003EPSS

2022-08-25 03:15 PM

cve

CVE-2022-37243

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint.

5.4CVSS

5.3AI Score

0.001EPSS

2022-08-25 03:15 PM

cve

CVE-2022-37244

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection.

5.4CVSS

5.8AI Score

0.001EPSS

2022-08-25 03:15 PM

cve

CVE-2022-37245

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint.

5.4CVSS

5.3AI Score

0.001EPSS

2022-08-25 03:15 PM