Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the location or details field of a Google Calendar invitation, (2) a crafted Outlook.com calendar (aka Hotmail Calendar) invitation, (3) e-mail granting access to a directory that has JavaScript in its name, (4) JavaScript in a note name, (5) JavaScript in a task name, or (6) HTML e-mail that is mishandled in the Inbox component.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CommuniGate Pro WebMail Crystal、pronto和pronto4组件跨站脚本漏洞
Vulnerability Description
CommuniGate Pro是美国CommuniGate公司开发的一款综合性邮件传输代理(MTA),支持多种平台。WebMail Crystal、pronto和pronto4都是使用在其中的组件。 CommuniGate Pro 6.2.1之前的版本中WebMail Crystal、pronto和pronto4组件存在跨站脚本漏洞。远程攻击者可利用该漏洞在浏览器中执行脚本,从而劫持用户会话,破坏网站或将用户重定向到恶意的网站。
CVSS Information
N/A
Vulnerability Type
N/A