Mdaemon Email Server vulnerabilities
2 known vulnerabilities affecting mdaemon/email_server.
Total CVEs
2
CISA KEV
1
actively exploited
Public exploits
0
Exploited in wild
2
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-11182P2MEDIUMCVSS 6.1KEV≤ 24.5.02024-11-15
CVE-2024-11182 [MEDIUM] CWE-79 CVE-2024-11182: An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send a
An XSS issue was discovered in
MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message
with
JavaScript in an img tag. This could
allow a remote attacker
to load arbitrary JavaScript code in the context of a webmail user's browser window.
nvd
CVE-2025-3929P1MEDIUMCVSS 6.1Exploited≥ 20.0.0, < 20.0.9≥ 21.0.0, < 21.0.8+8 more2025-04-29
CVE-2025-3929 [MEDIUM] CWE-79 CVE-2025-3929: An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a
An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window, and access user data.
nvd