PT-2022-19938 · Mdaemon · Mdaemon

Haxpunk1337

Published

2022-05-11

Updated

2022-05-17

CVE-2022-29976

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions MDaemon versions prior to 22.0.0

Description An Authenticated Reflected Cross-site scripting issue was discovered at the BCC parameter.

Recommendations For versions prior to 22.0.0, update to version 22.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the BCC parameter to minimize the risk of exploitation.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2022-29976

Affected Products

Mdaemon

PT-2022-19938 · Mdaemon · Mdaemon

CVE-2022-29976

Weakness Enumeration

Related Identifiers

Affected Products

References · 4