3 matches found
CVE-2024-6739
CVE-2024-6739 affects Openfind MailGates and MailAudit. The root cause is a session cookie without the HttpOnly flag, enabling potential cookie theft via XSS. Public details indicate affected versions include Openfind MailGates < 6.1.7.040 and MailAudit
CVE-2020-25849
The CVE-2020-25849 entry describes a Command Injection vulnerability in MailGates and MailAudit products. The issue allows an attacker to inject and execute system commands via the CGI parameter after obtaining the user’s access token. No affected product versions, root-cause details, or remediat...
CVE-2020-12782
Openfind MailGates is affected by a Command Injection flaw. According to the CVE description, when receiving an email containing specific strings, malicious code in the mail attachment may be triggered, granting unauthorized access to system files. The issue is reported with CVSS data indicating ...