CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27180
https://notcve.org/view.php?id=CVE-2021-27180
An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user. Se detectó un problema en MDaemon versiones anteriores a 20.0.4. • https://github.com/chudyPB/MDaemon-Advisories https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 60EXPL: 0CVE-2008-6967
https://notcve.org/view.php?id=CVE-2008-6967
Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a different vulnerability than CVE-2008-6893. Múltiples vulnerabilidad no especificada en WorldClient en Alt-N MDaemon anteriores a v10.02 tienen impacto desconocido y vector de ataque, probablemente relativo a de ejecución de secuencias de comandos en sitios cruzados - XSS - WorldClient DLL v10.0.1, una vulnerabilidad diferente que CVE-2008-6893. • http://files.altn.com/MDaemon/Release/RelNotes_en.txt http://osvdb.org/50011 http://secunia.com/advisories/32142 http://www.securityfocus.com/bid/32355 http://www.vupen.com/english/advisories/2008/3206 https://exchange.xforce.ibmcloud.com/vulnerabilities/46688 •