exploitDog

GHSA-g442-gf3f-2wq6

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.

Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.

Ссылки

EPSS

Процентиль: 59%

0.00387

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2012-2575

nvd

больше 13 лет назад

Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.

EPSS

Процентиль: 59%

0.00387

Низкий

CVE ID

Дефекты

CWE-79