VYPR

Basic Webmail

by Basic Webmail Project

CVEs (2)

  • CVE-2012-5570Feb 8, 2020
    risk 0.00cvss epss 0.01

    The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.

  • CVE-2012-5569Dec 3, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in the Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via a (1) page title or (2) crafted email message.