CVE-2025-2150

The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote attackers with regular privileges to send emails containing malicious JavaScript code, which will be executed in the recipient's browser when they view the email. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt