Medium severity6.1NVD Advisory· Published May 3, 2017· Updated Jun 17, 2026
CVE-2015-9057
CVE-2015-9057
Description
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, and /quarantine/virus/manage.htm.
Affected products
2cpe:2.3:a:proxmox:proxmox_mail_gateway:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:proxmox:proxmox_mail_gateway:*:*:*:*:*:*:*:*range: <=4.0-4\/b38fc5d9
- (no CPE)range: <4.0-8-097d26a9
Patches
Vulnerability mechanics
References
1- www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-024/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.