exploitDog

CVE-2021-31739

Опубликовано: 18 нояб. 2022

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address.

Ссылки

https://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/
Exploit
Third Party Advisory
https://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:seppmail:seppmail:11.1.10:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00234

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-5q2f-65mc-6jvf

CVSS3: 6.1

github

около 3 лет назад

The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address.

EPSS

Процентиль: 46%

0.00234

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79