CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17752

Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://www.exploit-db.com/exploits/43378/
https://www.exploit-db.com/exploits/43378/

Products affected by CVE-2017-17752

Codecrafters » Ability Mail Server » Version: 3.3.2

cpe:2.3:a:codecrafters:ability_mail_server:3.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17752

Products

Pricing

Contact Us