Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9557 | 1 Codecrafters | 1 Ability Mail Server | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) via the body e-mail body. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe. | |||||
| CVE-2017-17752 | 1 Codecrafters | 1 Ability Mail Server | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4. | |||||