CVE-2022-37243
https://notcve.org/view.php?id=CVE-2022-37243
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint. MDaemon Technologies SecurityGateway for Email Servers versión 8.5.2, es vulnerable a Cross Site Scripting (XSS) por medio del punto final de la lista blanca. • https://files.mdaemon.com/securitygateway/release/relnotes_en.htm https://gtn.com.np/wp-content/uploads/2022/07/Stored-Cross-Site-Scripting-XSS-at-whitelist-endpoint.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-37244
https://notcve.org/view.php?id=CVE-2022-37244
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection. MDaemon Technologies SecurityGateway for Email Servers versión 8.5.2, es vulnerable a la inyección de IFRAME a través del parámetro currentRequest. después del inicio de sesión lleva a inyectar la etiqueta maliciosa lleva a la inyección de IFRAME. • https://files.mdaemon.com/securitygateway/release/relnotes_en.htm https://gtn.com.np/wp-content/uploads/2022/07/IFRAME-Injection-at-currentRequest-Parameter.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-37245
https://notcve.org/view.php?id=CVE-2022-37245
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint. MDaemon Technologies SecurityGateway for Email Servers versión 8.5.2, es vulnerable a Cross Site Scripting (XSS) por medio del punto final Blacklist. • https://files.mdaemon.com/securitygateway/release/relnotes_en.htm https://gtn.com.np/wp-content/uploads/2022/07/Stored-Cross-Site-Scripting-XSS-at-Blacklist-endpoint.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •