VYPR
Medium severity6.1NVD Advisory· Published Nov 20, 2019· Updated Jun 17, 2026

CVE-2019-15071

CVE-2019-15071

Description

The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of governments, organizations, companies and universities.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Openfind/Mail2000llm-fuzzy2 versions
    <=7.0+ 1 more
    • (no CPE)range: <=7.0
    • (no CPE)range: 6.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.