Communigate Pro vulnerabilities
2 known vulnerabilities affecting communigate/communigate_pro.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-16962P3MEDIUMCVSS 6.1PoCfixed in 6.2.12017-11-27
CVE-2017-16962 [MEDIUM] CWE-79 CVE-2017-16962: The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XS
The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the location or details field of a Google Calendar invitation, (2) a crafted Outlook.com calendar (aka Hotmail Calendar) invitation, (3) e-mail granting access to a directory that has JavaScript in its name, (4) JavaScript in
nvd
CVE-2018-18621P4MEDIUMCVSS 6.1v6.22018-10-24
CVE-2018-18621 [MEDIUM] CWE-79 CVE-2018-18621: CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandl
CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link (in .txt format) is modified and then renamed with a .html or .wssp extension.
nvd