Vulnerabilities > Smartertools
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-48114 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. | 5.4 |
| 2023-12-21 | CVE-2023-48115 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request. | 5.4 |
| 2023-12-21 | CVE-2023-48116 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment. | 5.4 |
| 2022-03-14 | CVE-2022-24384 | Cross-site Scripting vulnerability in Smartertools Smartertrack Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 4.3 |
| 2022-03-14 | CVE-2022-24385 | Forced Browsing vulnerability in Smartertools Smartertrack A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 4.0 |
| 2022-03-14 | CVE-2022-24386 | Cross-site Scripting vulnerability in Smartertools Smartertrack Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 3.5 |
| 2022-03-14 | CVE-2022-24387 | Unrestricted Upload of File with Dangerous Type vulnerability in Smartertools Smartertrack With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. | 6.5 |
| 2021-11-17 | CVE-2021-32234 | Unspecified vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution. | 7.5 |
| 2021-11-17 | CVE-2021-43977 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS. | 4.3 |
| 2021-09-08 | CVE-2021-40377 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 7866 has stored XSS. | 3.5 |