Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Pony Mail Security Vulnerabilities - February

cve
cve

CVE-2016-4460

Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.

9.8CVSS

9.4AI Score

0.002EPSS

2017-08-22 06:29 PM
25
cve
cve

CVE-2017-5658

The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. This could lead to derived information disclosure on private lists about the timing of specific email subjects or text bodies, though without disclosing the content ...

5.3CVSS

5AI Score

0.001EPSS

2018-10-04 02:29 PM
23
cve
cve

CVE-2019-0218

A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface.

6.1CVSS

5.8AI Score

0.004EPSS

2019-04-22 10:29 PM
26