Vulnerabilities (CVE)

Filtered by vendor Altn Subscribe
Filtered by product Mdaemon Email Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19497 1 Altn 1 Mdaemon Email Server 2024-11-21 3.5 LOW 5.4 MEDIUM
MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message.
CVE-2019-13612 1 Altn 1 Mdaemon Email Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious e-mail, if a customer deploys a server with sufficient resources to scan large messages.