Vulnerabilities > Apache > Pony Mail
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2019-0218 | Cross-site Scripting vulnerability in Apache Pony Mail A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface. | 6.1 |
| 2018-10-04 | CVE-2017-5658 | Information Exposure vulnerability in Apache Pony Mail The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. | 5.3 |
| 2017-08-22 | CVE-2016-4460 | Improper Authentication vulnerability in Apache Pony Mail 0.6C/0.7B/0.8B Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication. | 9.8 |