Vulnerabilities > Smartertools > Smartermail > 9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-17 | CVE-2020-29548 | Command Injection vulnerability in Smartertools Smartermail An issue was discovered in SmarterTools SmarterMail through 100.0.7537. | 6.8 |
2021-07-06 | CVE-2021-32233 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail before Build 7776 allows XSS. | 4.3 |
2019-01-16 | CVE-2015-9276 | Cross-site Scripting vulnerability in Smartertools Smartermail SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS by bypassing the anti-XSS mechanisms. | 4.3 |
2012-09-19 | CVE-2012-2578 | Cross-Site Scripting vulnerability in Smartertools Smartermail 9.2 Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a Cascading Style Sheets (CSS) expression property in the STYLE attribute of an arbitrary element, or (4) an innerHTML attribute within an XML document. | 4.3 |