3 matches found
CVE-2018-9330
The provided sources confirm a stored XSS vulnerability in Coremail XT3.0 (register.jsp), specifically via the third form field in a URI under register/. The OpenVAS entry refers to Coremail XT <= 3.0 Stored XSS Vulnerability, implying impact on older XT3.0 deployments. The NVD/NVD-derived ent...
CVE-2015-6942
CVE-2015-6942 is an XSS vulnerability in Coremail XT3.0, where a hyperlink embedded in a document attachment can execute arbitrary script when the recipient previews the attachment. Public details indicate a stored XSS scenario via a hyperlink in the attachment, aligning with the Coremail XT3.0 c...
CVE-2018-14503
CVE-2018-14503 is an XSS vulnerability in Coremail XT 3.0, affecting the intervalCheck.jsp page. An attacker can inject arbitrary web script/HTML via the sid parameter, enabling remote script execution in the context of the affected user. The connected documents specify the affected software (Cor...