Vulnerability Details CVE-2023-48116
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.8%
CVSS Severity
CVSS v3 Score 5.4
References
- https://co3us.gitbook.io/write-ups/stored-xss-in-calendar-component-of-smartermail-cve-2023-48116
- https://www.smartertools.com/smartermail/release-notes/current
- https://co3us.gitbook.io/write-ups/stored-xss-in-calendar-component-of-smartermail-cve-2023-48116
- https://www.smartertools.com/smartermail/release-notes/current
Products affected by CVE-2023-48116
-
cpe:2.3:a:smartertools:smartermail:*