Vulnerability Details CVE-2020-5540
Cross-site scripting vulnerability in CyberMail Ver.6.x and Ver.7.x allows remote attackers to inject arbitrary script or HTML via a specially crafted URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://gist.github.com/tonykuo76/d2480727faeb768a97800db3058dceed
- https://jvn.jp/en/jp/JVN46258789/
- https://sup.cybersolutions.co.jp/otrs/customer.pl?Action=CustomerFAQZoom%3BItemID=985
- https://www.chtsecurity.com/news/fff688e5-8ba2-4da2-be65-732fc6c9ce9d
- https://gist.github.com/tonykuo76/d2480727faeb768a97800db3058dceed
- https://jvn.jp/en/jp/JVN46258789/
- https://sup.cybersolutions.co.jp/otrs/customer.pl?Action=CustomerFAQZoom%3BItemID=985
- https://www.chtsecurity.com/news/fff688e5-8ba2-4da2-be65-732fc6c9ce9d
Products affected by CVE-2020-5540
-
cpe:2.3:a:cybersolutions:cybermail:6.0
-
cpe:2.3:a:cybersolutions:cybermail:7.0