Filtered by vendor Winmail Project
Subscriptions
Filtered by product Winmail
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-23774 | 1 Winmail Project | 1 Winmail | 2024-08-04 | 6.1 Medium |
| A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed. | ||||
| CVE-2020-23776 | 1 Winmail Project | 1 Winmail | 2024-08-04 | 7.5 High |
| A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the request. | ||||
Page 1 of 1.