CVE-2023-28705

Name of the Vulnerable Software and Affected Versions Openfind Mail2000 (affected versions not specified)

Description The issue arises from insufficient filtering of special characters in email content by the content filtering function. A remote attacker can exploit this by sending phishing emails containing malicious web pages injected with JavaScript, triggering a Reflected Cross-site scripting (XSS) attack when users access the system and open the email.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.