CVE-2019-9557

Published: 2019-03-12T19:29Z

Last Modified: 2024-11-21T04:51Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) via the body e-mail body. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt