Mason Yang

Researcher from Acer Cyber Security Inc., ACSI
#19560 of 53,635
13.4 Total CVSS
Vulnerabilities · 2 (Medium: 1, High: 1)

PT-2022-26018 · CVSS 8.0 · 2022-11-29
Unknown · Raiden Maild Mail Server · CVE-2022-41675

**Name of the Vulnerable Software and Affected Versions** Raiden MAILD Mail Server (affected versions not specified)

**Description** A remote attacker with general user privilege can inject malicious code into the form content of the Raiden MAILD Mail Server website. When other users export the form content as a CSV file, it can trigger arbitrary code execution, allowing the attacker to perform arbitrary system operations or disrupt the service on the user side.

**Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2022-26019 · CVSS 5.4 · 2022-11-29
Unknown · Raiden Maild Mail Server · CVE-2022-41676

**Name of the Vulnerable Software and Affected Versions** Raiden MAILD Mail Server (affected versions not specified)

**Description** The issue is related to insufficient filtering of user input in the website mail field of the Raiden MAILD Mail Server. A remote attacker with general user privilege can send email using the website with malicious JavaScript in the input field, triggering a Reflected Cross-Site Scripting (XSS) attack against the mail recipient.

**Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.