Skip to main content

Mailplus Server

2 CVEs product

Monthly

CVE-2017-16768 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Synology Mailplus Server
NVD
CVSS 3.0
4.8
EPSS
0.2%
CVE-2017-15890 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Synology Mailplus Server
NVD
CVSS 3.0
4.8
EPSS
0.2%
EPSS 0% CVSS 4.8
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Synology Mailplus Server
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Disclaimer in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary web script or HTML via the NAME parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Synology Mailplus Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy