Smartermail Security Vulnerabilities and Issues — Smartermail CVE List

Lucene search

SmartertoolsSmartermail

5 matches found

CVE•added 2021/07/06 12:15 a.m.•95 views

CVE-2021-32233

SmarterTools SmarterMail before Build 7776 allows XSS.

6.1CVSS6.3AI score0.00285EPSS

CVE•added 2021/11/17 5:15 p.m.•50 views

CVE-2021-32234

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.

9.8CVSS9.8AI score0.03074EPSS

CVE•added 2021/09/08 11:15 a.m.•42 views

CVE-2021-40377

SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application.

5.4CVSS5.4AI score0.00502EPSS

CVE•added 2021/08/17 6:15 p.m.•38 views

CVE-2020-29548

An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session.

8.1CVSS8AI score0.01027EPSS

CVE•added 2021/11/17 5:15 p.m.•35 views

CVE-2021-43977

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.

6.1CVSS6.2AI score0.00526EPSS