An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform any action with the privileges of the attacked user.
References
Link | Resource |
---|---|
https://github.com/chudyPB/MDaemon-Advisories | Exploit Third Party Advisory |
https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN/ | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-14T22:29:59
Updated: 2021-04-14T22:29:59
Reserved: 2021-02-10T00:00:00
Link: CVE-2021-27182
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-14T23:15:12.430
Modified: 2021-04-21T17:34:26.947
Link: CVE-2021-27182
JSON object: View
Redhat Information
No data.
CWE