CVE-2019-15071

CVE-2019-15071

The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of governments, organizations, companies and universities.

Source: CVE-2019-15071

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다