Vulnerabilities > Afterlogic > Webmail PRO

DATE CVE VULNERABILITY TITLE RISK
2021-03-07 CVE-2021-26294 Path Traversal vulnerability in Afterlogic Aurora and Webmail PRO
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9.
network
low complexity
afterlogic CWE-22
7.5
7.5
2021-03-04 CVE-2021-26293 Path Traversal vulnerability in Afterlogic Aurora and Webmail PRO
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled.
network
low complexity
afterlogic CWE-22
critical
 9.8
9.8
2019-11-26 CVE-2019-19129 Cross-site Scripting vulnerability in Afterlogic Aurora and Webmail PRO
Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name.
network
low complexity
afterlogic CWE-79
6.1
6.1