Vulnerability Details CVE-2020-23774
A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2020-23774
-
cpe:2.3:a:winmail_project:winmail:6.5