CVE-2024-11182

Beschreibung

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window.

Schweregrad: MEDIUM

CVSS-Score: 6.1