Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) via the body e-mail body. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/151958/Ability-Mail-Server-4.2.6-Cross-Site-Scripting.html | Exploit Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-12T19:00:00
Updated: 2019-03-12T18:57:01
Reserved: 2019-03-04T00:00:00
Link: CVE-2019-9557
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-12T19:29:00.240
Modified: 2019-03-13T12:17:26.317
Link: CVE-2019-9557
JSON object: View
Redhat Information
No data.
CWE