CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9058
https://notcve.org/view.php?id=CVE-2015-9058
Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter. La vulnerabilidad de redirección abierta en Proxmox Mail Gateway anteriores a la versión4.0-8-097d26a9 permite a atacantes remotos redirigir a los usuarios a sitios web arbitrarios y realizar ataques de phishing a través del parámetro destination. • https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-024/?fid=7431 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9057
https://notcve.org/view.php?id=CVE-2015-9057
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, and /quarantine/virus/manage.htm. Múltiples vulnerabilidades de XSS en Proxmox Mail Gateway anterior al hotfix 4.0-8-097d26a9 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de múltiples parámetros, relacionado con /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, y /quarantine/virus/manage.htm. • https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-024/?fid=7431 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •