Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Atmail Webmail Server by Atmail
CVE-2012-2593 (GCVE-0-2012-2593)
Vulnerability from nvd – Published: 2020-02-06 13:47 – Updated: 2024-08-06 19:34
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.
Severity
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/20009 | x_refsource_MISC |
| http://www.securityfocus.com/bid/54630 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Atmail | Atmail Webmail Server |
Affected:
6.4
|
Date Public
2012-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:26.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Atmail Webmail Server",
"vendor": "Atmail",
"versions": [
{
"status": "affected",
"version": "6.4"
}
]
}
],
"datePublic": "2012-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-06T13:47:18.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/54630"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Atmail Webmail Server",
"version": {
"version_data": [
{
"version_value": "6.4"
}
]
}
}
]
},
"vendor_name": "Atmail"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.exploit-db.com/exploits/20009",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"name": "http://www.securityfocus.com/bid/54630",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/54630"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-2593",
"datePublished": "2020-02-06T13:47:18.000Z",
"dateReserved": "2012-05-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:34:26.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2593 (GCVE-0-2012-2593)
Vulnerability from cvelistv5 – Published: 2020-02-06 13:47 – Updated: 2024-08-06 19:34
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.
Severity
No CVSS data available.
CWE
- Cross-Site Scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/20009 | x_refsource_MISC |
| http://www.securityfocus.com/bid/54630 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Atmail | Atmail Webmail Server |
Affected:
6.4
|
Date Public
2012-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:26.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Atmail Webmail Server",
"vendor": "Atmail",
"versions": [
{
"status": "affected",
"version": "6.4"
}
]
}
],
"datePublic": "2012-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-06T13:47:18.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/54630"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Atmail Webmail Server",
"version": {
"version_data": [
{
"version_value": "6.4"
}
]
}
}
]
},
"vendor_name": "Atmail"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.exploit-db.com/exploits/20009",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"name": "http://www.securityfocus.com/bid/54630",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/54630"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-2593",
"datePublished": "2020-02-06T13:47:18.000Z",
"dateReserved": "2012-05-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:34:26.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}