Mailplus Server Security Vulnerabilities and Issues — Mailplus Server CVE List

Lucene search

SynologyMailplus Server

3 matches found

CVE•added 2017/12/15 3:29 p.m.•43 views

CVE-2017-15890

Cross-site scripting (XSS) vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter.

4.8CVSS4.7AI score0.0017EPSS

CVE•added 2019/04/01 3:29 p.m.•37 views

CVE-2018-13296

Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation.

7.5CVSS7.5AI score0.00705EPSS

CVE•added 2017/12/27 5:29 p.m.•34 views

CVE-2017-16768

Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter.

4.8CVSS4.7AI score0.00184EPSS