VYPR
Medium severity5.4NVD Advisory· Published Jun 2, 2023· Updated Jun 17, 2026

CVE-2023-28705

CVE-2023-28705

Description

Openfind Mail2000 has insufficient filtering special characters of email content of its content filtering function. A remote attacker can exploit this vulnerability using phishing emails that contain malicious web pages injected with JavaScript. When users access the system and open the email, it triggers an XSS (Reflected Cross-site scripting) attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Openfind/Mail2000llm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.