Skip to main content

Mdaemon Email Server

2 CVEs product

Monthly

CVE-2019-19497 MEDIUM POC This Month

MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mdaemon Email Server
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-13612 HIGH This Week

MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mdaemon Email Server
NVD
CVSS 3.0
7.5
EPSS
1.3%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mdaemon Email Server
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mdaemon Email Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy