Persistent Cross Site Scripting (XSS) in Mailtraq WebMail version 2.17.7.3550 via Email Body

Persistent Cross Site Scripting (XSS) in Mailtraq WebMail version 2.17.7.3550 via Email Body

CVE-2019-9558 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting (XSS) via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe.

Learn more about our Web App Pen Testing.