2 matches found
CVE-2014-9352
CVE-2014-9352 affects Scalix Web Access (mail administration login panel) with XXE and XSS vulnerabilities disclosed across multiple databases. OpenVAS describes XXE and XSS in Scalix Web Access <= 11.4.6.12377 and <= 12.x
CVE-2014-9360
CVE-2014-9360 describes an XML External Entity (XXE) vulnerability in Scalix Web Access, affecting versions 11.4.6.12377 and 12.2.0.14697. The issue allows remote attackers to read arbitrary files and trigger requests to intranet servers through a crafted XML payload. The root cause is an XXE fla...