
Session Fixation EUVD-2025-18797 | CVE-2025-52557 HIGH
Improper Handling of Physical or Environmental Conditions (CWE-1384)
2025-06-21 security-advisories@github.com
CVSS 4.0 base score: 8.6

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Passive (P)

Lifecycle Timeline

EUVD ID Assigned: Mar 15, 2026 - 21:35 (euvd), EUVD-2025-18797
Analysis Generated: Mar 15, 2026 - 21:35 (vuln.today)
CVE Published: Jun 21, 2025 - 02:15 (nvd)

Description (NVD)

Mail-0's Zero is an open-source email solution. In version 0.8 it's possible for an attacker to craft an email that executes javascript leading to session hijacking due to improper sanitization. This issue has been patched in version 0.81.

Analysis (AI-generated)

CVE-2025-52557 is a stored/reflected XSS vulnerability in Mail-0's Zero email solution (version 0.8) that allows unauthenticated attackers to craft malicious emails containing JavaScript. When a victim opens such an email in the web interface, the JavaScript executes in the victim's browser context, enabling session hijacking and potential account takeover. The vulnerability has been patched in version 0.81. Exploitation requires user interaction (opening the email), making it a moderate-to-high severity issue that warrants rapid patching.

Technical Context (AI-generated)

Mail-0 Zero is an open-source email client/server solution that processes and renders email messages in a web interface. The advisory classifies the vulnerability as CWE-1384 (named in the header above as Improper Handling of Physical or Environmental Conditions); the defect actually described is improper input sanitization affecting email content handling. The root cause is inadequate HTML/JavaScript sanitization when parsing email messages before rendering them in the browser DOM: the email parsing/rendering pipeline fails to strip or escape dangerous HTML (such as <script> tags, event-handler attributes like onclick, and other XSS vectors) from email bodies. When the email is displayed to an authenticated user via the web UI, the unsanitized content executes with the privileges of that user's authenticated session, allowing the attacker to steal session tokens or cookies, or to perform actions on the victim's behalf. CPE identification would be: cpe:2.3:a:mail-0:zero:0.8:*:*:*:*:*:*:*

Remediation (AI-generated)

Upgrade Mail-0 Zero from version 0.8 to version 0.81 or later (priority: IMMEDIATE). Steps:
1. Review Mail-0 Zero release notes and changelog for version 0.81+
2. Test the patch in a non-production environment
3. Deploy the patch to all instances running version 0.8
4. Verify the upgrade succeeded and test email rendering functionality

Workaround (temporary, pre-patch): disable or restrict web UI access until the patch is applied. Steps:
1. Configure the reverse proxy (nginx/Apache) to restrict web UI access to trusted IPs only
2. Instruct users to use alternative email clients (IMAP/POP3) instead of the web interface
3. Implement Content Security Policy (CSP) headers to restrict inline script execution (defense-in-depth)

Detection and Monitoring: monitor for exploitation attempts. Steps:
1. Review email message logs for suspicious JavaScript content in message bodies
2. Monitor session logs for anomalous authentication patterns (session reuse from unexpected IPs)
3. Implement WAF/IDS rules to detect XSS payloads in email headers/bodies
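The first detection step above, reviewing stored message bodies for JavaScript constructs the renderer should never have passed through, can be scripted. The following is an added example, not code from Mail-0 Zero or from the advisory: a triage scanner in Node.js that flags script tags, inline event-handler attributes and javascript: URLs in stored email HTML, decoding numeric character references first so that entity-encoded attribute values are not missed. The message records and their bodies are constructed sample data; the indicator list and the field names (id, from, html) are assumptions.

```javascript
// Added example (not Mail-0 Zero's own code): triage scanner that flags HTML constructs
// a webmail renderer must neutralize; a log-review heuristic, not a sanitizer.

const INDICATORS = [
  // <script ...> anywhere in the body, tolerating whitespace after '<'
  { name: 'script-tag', re: /<\s*script\b/i },
  // inline event-handler attribute (onclick, onerror, onload, ...) on any tag
  { name: 'event-handler', re: /<[^>]*\s+on[a-z]+\s*=/i },
  // javascript: scheme inside a URL-bearing attribute
  { name: 'javascript-uri', re: /\b(?:href|src|action)\s*=\s*["']?\s*javascript:/i },
];

// Decode numeric character references and strip NULs so that entity-encoded
// attribute values (e.g. &#106;avascript:) are scanned in decoded form.
function normalize(html) {
  const cp = (n) => (n > 0 && n <= 0x10ffff ? String.fromCodePoint(n) : '');
  return html
    .replace(/\0/g, '')
    .replace(/&#x([0-9a-f]+);/gi, (_, h) => cp(parseInt(h, 16)))
    .replace(/&#(\d+);/g, (_, d) => cp(parseInt(d, 10)));
}

// One hit per matching indicator, with its offset and a short context snippet.
function scanEmailBody(html) {
  const text = normalize(html);
  const hits = [];
  for (const { name, re } of INDICATORS) {
    const m = re.exec(text);
    if (m) hits.push({ indicator: name, offset: m.index, snippet: text.slice(m.index, m.index + 40) });
  }
  return hits;
}

// Scan a batch of stored messages and keep only those with at least one hit.
function triageMessages(messages) {
  return messages
    .map((msg) => ({ id: msg.id, from: msg.from, hits: scanEmailBody(msg.html) }))
    .filter((r) => r.hits.length > 0);
}

// Constructed sample messages (not real traffic); bodies carry inert markers only.
const SAMPLE_MESSAGES = [
  { id: 'msg-001', from: 'news@example.com', html: '<p>Hi <b>team</b>, the <a href="https://example.com/q3">Q3 report</a> is out.</p>' },
  { id: 'msg-002', from: 'unknown@example.net', html: '<p>Invoice attached.</p><SCRIPT>/* constructed marker */</SCRIPT>' },
  { id: 'msg-003', from: 'promo@example.org', html: '<img src="cid:logo" onerror="void 0"><p>Sale ends Friday.</p>' },
  { id: 'msg-004', from: 'hr@example.com', html: '<a href="&#106;avascript:void 0">Open the handbook</a>' },
];
for (const r of triageMessages(SAMPLE_MESSAGES)) {
  console.log(`${r.id} from ${r.from}: ${r.hits.map((h) => h.indicator).join(', ')}`);
}
```

The scanner deliberately errs towards false positives (for example, an entity-encoded `<script` in visible text is flagged even though a browser would not execute it); flagged messages are candidates for manual review, and sanitization of what is rendered still has to happen in the mail client itself.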


EUVD-2025-18797 vulnerability details – vuln.today
