Vulnerability Details CVE-2020-26554
REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML e-mail message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://packetstormsecurity.com/files/160077/MailDepot-2033-2.3.3022-Cross-Site-Scripting.html
- https://www.syss.de/pentest-blog/syss-2020-037-persistent-cross-site-scripting-schwachstelle-in-reddoxx-maildepot
- http://packetstormsecurity.com/files/160077/MailDepot-2033-2.3.3022-Cross-Site-Scripting.html
- https://www.syss.de/pentest-blog/syss-2020-037-persistent-cross-site-scripting-schwachstelle-in-reddoxx-maildepot