CVE-2021-40377

Beschreibung:
SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application.

CWE: CWE-79

CVSS-Bewertung
CVSS 2: LOW – 3.5 (Version: 2.0)
CVSS 3: MEDIUM – 5.4 (Version: 3.1)

Links:

NVD – CVE-2021-40377
CVE – CVE-2021-40377

Link (max. 20) Quelle Tags
https://www.smartertools.com/smartermail/release-notes/current MISC Release Notes Vendor Advisory

Quelle: NVD – CVE-2021-40377
Datum Veröffentlichung: 2021-09-08T11:15Z, Datum letzte Änderung: 2021-09-14T14:07Z