CVE-2022-37238
- EPSS 0.64%
- Published 25.08.2022 16:15:08
- Last modified 21.11.2024 07:14:38
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.
CVE-2022-37244
- EPSS 0.55%
- Published 25.08.2022 15:15:10
- Last modified 21.11.2024 07:14:39
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection.
CVE-2022-37245
- EPSS 0.55%
- Published 25.08.2022 15:15:10
- Last modified 21.11.2024 07:14:39
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint.
CVE-2022-37239
- EPSS 0.55%
- Published 25.08.2022 15:15:09
- Last modified 21.11.2024 07:14:38
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rulles_list_ajax endpoint.
CVE-2022-37240
- EPSS 1.14%
- Published 25.08.2022 15:15:09
- Last modified 21.11.2024 07:14:38
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter.
CVE-2022-37241
- EPSS 0.55%
- Published 25.08.2022 15:15:09
- Last modified 21.11.2024 07:14:38
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint.
CVE-2022-37242
- EPSS 0.85%
- Published 25.08.2022 15:15:09
- Last modified 21.11.2024 07:14:38
MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter.
CVE-2022-37243
- EPSS 0.55%
- Published 25.08.2022 15:15:09
- Last modified 21.11.2024 07:14:38
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint.