Filtered by vendor Zarafa
Subscriptions
Filtered by product Webaccess
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-7219 | 1 Zarafa | 1 Webaccess | 2024-11-21 | N/A |
| Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead. | ||||
| CVE-2014-5449 | 1 Zarafa | 2 Webaccess, Webapp | 2024-11-21 | N/A |
| Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data. | ||||
Page 1 of 1.