Vulnerabilities > Winmail Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-26 | CVE-2020-23776 | Server-Side Request Forgery (SSRF) vulnerability in Winmail Project Winmail 6.5 A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. | 7.5 |
2021-01-26 | CVE-2020-23774 | Cross-site Scripting vulnerability in Winmail Project Winmail 6.5 A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed. | 6.1 |