CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-37243
https://notcve.org/view.php?id=CVE-2022-37243
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint. MDaemon Technologies SecurityGateway for Email Servers versión 8.5.2, es vulnerable a Cross Site Scripting (XSS) por medio del punto final de la lista blanca. • https://files.mdaemon.com/securitygateway/release/relnotes_en.htm https://gtn.com.np/wp-content/uploads/2022/07/Stored-Cross-Site-Scripting-XSS-at-whitelist-endpoint.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-37244
https://notcve.org/view.php?id=CVE-2022-37244
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection. MDaemon Technologies SecurityGateway for Email Servers versión 8.5.2, es vulnerable a la inyección de IFRAME a través del parámetro currentRequest. después del inicio de sesión lleva a inyectar la etiqueta maliciosa lleva a la inyección de IFRAME. • https://files.mdaemon.com/securitygateway/release/relnotes_en.htm https://gtn.com.np/wp-content/uploads/2022/07/IFRAME-Injection-at-currentRequest-Parameter.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-37245
https://notcve.org/view.php?id=CVE-2022-37245
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint. MDaemon Technologies SecurityGateway for Email Servers versión 8.5.2, es vulnerable a Cross Site Scripting (XSS) por medio del punto final Blacklist. • https://files.mdaemon.com/securitygateway/release/relnotes_en.htm https://gtn.com.np/wp-content/uploads/2022/07/Stored-Cross-Site-Scripting-XSS-at-Blacklist-endpoint.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29976
https://notcve.org/view.php?id=CVE-2022-29976
An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 . Se ha detectado una vulnerabilidad de tipo Cross-site scripting Reflejado y Autenticado en el parámetro BCC en MDaemon versiones anteriores a 22.0.0 • https://github.com/haxpunk1337/MDaemon-/blob/main/MDaemon%20XSS%20at%20BCC%20endpoint • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29975
https://notcve.org/view.php?id=CVE-2022-29975
An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 . Se ha detectado una vulnerabilidad de tipo Cross-site scriptin Reflejado y Autenticado en el parámetro CC en MDaemon versiones anteriores a 22.0.0 • https://github.com/haxpunk1337/MDaemon-/blob/main/MDaemon%20XSS%20at%20CC%20endpoint • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •