Unrated severityNVD Advisory· Published Nov 27, 2020· Updated Aug 4, 2024
CVE-2020-29133
CVE-2020-29133
Description
jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter.
Affected products
2- Coremail XT/Coremail XTdescription
Patches
Vulnerability mechanics
References
1- github.com/fa1c0n1/fa1c0n-vim/blob/master/temp/core_tmp.mdmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.