Synology: >> Mailplus Server >> 1.2.0-0295 Security Vulnerabilities
Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-04-01
Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2017-12-27
Cross-site scripting (XSS) vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2017-12-15