PT-2024-20285 · Unknown · Superwebmailer

Hebing123 · Published 2024-02-07 · Updated 2024-02-12 · CVE-2024-24131

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SuperWebMailer version 9.31.0.01799

Description

The issue is a reflected cross-site scripting (XSS) vulnerability in the "api.php" component. Cross-site scripting (XSS) is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially allowing them to steal user data or take control of the user's session.

Recommendations

Until a patch is available, consider disabling access to the "api.php" component in SuperWebMailer version 9.31.0.01799 to prevent potential exploitation of the reflected XSS issue.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2024-24131

Affected Products

Superwebmailer