Medium severity6.1NVD Advisory· Published Jul 29, 2017· Updated Jun 17, 2026
CVE-2017-11737
CVE-2017-11737
Description
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/vstakhov/rspamd/issues/1738nvdExploitIssue TrackingThird Party Advisory
- github.com/vstakhov/rspamd/releases/tag/1.6.3nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.