Hastymail Hastymail2 vulnerabilities
3 known vulnerabilities affecting hastymail/hastymail2.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2011-4542P2HIGHCVSS 7.5PoC≤ 2.1.1v1.0+8 more2011-11-30
CVE-2011-4542 [HIGH] CWE-89 CVE-2011-4542: Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitrary commands via the (1) rs or
Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox Drafts action to the default URI.
nvd
CVE-2011-4541P4MEDIUMCVSS 4.3PoC≤ 2.1.1v1.0+8 more2011-11-29
CVE-2011-4541 [MEDIUM] CWE-79 CVE-2011-4541: Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote a
Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote attackers to inject arbitrary web script or HTML via the rs parameter in a mailbox Drafts action.
nvd
CVE-2010-4646P4MEDIUMCVSS 4.3≤ 1.02011-01-18
CVE-2010-4646 [MEDIUM] CWE-79 CVE-2010-4646: Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject
Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject arbitrary web script or HTML via a crafted background attribute within a cell in a TABLE element, related to improper use of the htmLawed filter.
nvd