Vulnerability Details CVE-2015-9057
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, and /quarantine/virus/manage.htm.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2015-9057
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:-
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.0
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.1
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.2
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.3
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.4
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.5
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.6
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:1.7
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:2.0
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:2.1
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:2.2
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:2.3
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:2.4
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:2.5
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:2.6
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:3.0
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:3.1
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:4.0
-
cpe:2.3:a:proxmox:proxmox_mail_gateway:4.0-4/b38fc5d9