CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-2587

Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic MailSuite Pro 6.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with a crafted SRC attribute of (1) an IFRAME element or (2) a SCRIPT element.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.exploit-db.com/exploits/20352/
http://www.exploit-db.com/exploits/20352/

Products affected by CVE-2012-2587

Afterlogic » Mailsuite Pro » Version: 6.3

cpe:2.3:a:afterlogic:mailsuite_pro:6.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2587

Products

Pricing

Contact Us