Filtered by vendor Winmail Project
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-23776 | 1 Winmail Project | 1 Winmail | 2024-11-21 | 7.5 High |
A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the request. | ||||
CVE-2020-23774 | 1 Winmail Project | 1 Winmail | 2024-11-21 | 6.1 Medium |
A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed. |
Page 1 of 1.