Vulnerabilities > Winmail Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2020-23776 | Server-Side Request Forgery (SSRF) vulnerability in Winmail Project Winmail 6.5 A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. | 5.0 |
| 2021-01-26 | CVE-2020-23774 | Cross-site Scripting vulnerability in Winmail Project Winmail 6.5 A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed. | 4.3 |