CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gfi: >> Kerio Control >> 9.3.0 Security Vulnerabilities

CVE-2019-16414

A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure&NTLM= URI.

CVSS Score

6.1

EPSS Score

0.004

Published

2019-09-30

Page 1

Vulnerabilities

Vulnerable Software

Gfi: >> Kerio Control >> 9.3.0 Security Vulnerabilities

Products

Pricing

Contact Us