Vulnerabilities > Smartertools > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-48114 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. | 5.4 |
| 2023-12-21 | CVE-2023-48115 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request. | 5.4 |
| 2023-12-21 | CVE-2023-48116 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment. | 5.4 |
| 2022-03-14 | CVE-2022-24384 | Cross-site Scripting vulnerability in Smartertools Smartertrack Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 4.3 |
| 2022-03-14 | CVE-2022-24385 | Forced Browsing vulnerability in Smartertools Smartertrack A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 4.0 |
| 2022-03-14 | CVE-2022-24386 | Cross-site Scripting vulnerability in Smartertools Smartertrack Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | 6.1 |
| 2021-11-17 | CVE-2021-43977 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS. | 4.3 |
| 2021-08-17 | CVE-2020-29548 | Command Injection vulnerability in Smartertools Smartermail An issue was discovered in SmarterTools SmarterMail through 100.0.7537. | 6.8 |
| 2021-07-06 | CVE-2021-32233 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail before Build 7776 allows XSS. | 4.3 |
| 2019-04-24 | CVE-2019-7213 | Path Traversal vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. | 5.5 |