CVE-2019-9558

Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting (XSS) via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mailtraq:webmail:2.17.7.3550:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-03-12 20:29

Updated : 2024-02-28 17:08


NVD link : CVE-2019-9558

Mitre link : CVE-2019-9558

CVE.ORG link : CVE-2019-9558


JSON object : View

Products Affected

mailtraq

  • webmail
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')