VYPR
Unrated severityNVD Advisory· Published Nov 27, 2020· Updated Aug 4, 2024

CVE-2020-29133

CVE-2020-29133

Description

jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter.

Affected products

2
  • Coremail XT/Coremail XTdescription
  • Gambio/Xt\llm-fuzzy
    Range: = 5.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.