We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window.
Reserved 2024-11-13 | Published 2024-11-15 | Updated 2024-11-21 | Assigner ESETCWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Matthieu Faou (ESET)
files.mdaemon.com/mdaemon/beta/RelNotes_en.html
Support options