CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27180
https://notcve.org/view.php?id=CVE-2021-27180
An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user. Se detectó un problema en MDaemon versiones anteriores a 20.0.4. • https://github.com/chudyPB/MDaemon-Advisories https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8983
https://notcve.org/view.php?id=CVE-2019-8983
MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2). MDaemon Webmail, en sus versiones 14.x hasta las 18.x anteriores a la 18.5.2, tiene Cross-Site Scripting (XSS) (fallo 1 de 2). • https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8984
https://notcve.org/view.php?id=CVE-2019-8984
MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2). MDaemon Webmail, en sus versiones 14.x hasta las 18.x anteriores a la 18.5.2, tiene Cross-Site Scripting (XSS) (fallo 2 de 2). • https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •