cbcvebase.
CVE-2024-6740
published 2024-07-15

CVE-2024-6740: Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and…

PriorityP425medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.50%
39.1th percentile
Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks.

Affected

4 ranges
VendorProductVersion rangeFixed in
openfindmail2000
openfindmail2000
openfindmail2000_v7.0>= all < Patch 131Patch 131
openfindmail2000_v8.0>= all < Patch 044Patch 044
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.