Lucene search
YoungzsoftCmailserver
2 matches found
CVE-2007-1991
Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927.
4.3CVSS5.7AI score0.00535EPSS
CVE-2007-1927
Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter.
4.3CVSS5.7AI score0.00535EPSS