Vulnerabilities > Afterlogic > Aurora > 8.3.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-04 | CVE-2021-26293 | Path Traversal vulnerability in Afterlogic Aurora and Webmail PRO An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. | 6.8 |
| 2019-09-12 | CVE-2019-16238 | Cross-site Scripting vulnerability in Afterlogic Aurora 8.3.9 Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login. | 4.3 |