Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows youtube.com followed by an @ character and an attacker-controlled domain name.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SmarterTools SmarterMail 安全漏洞
Vulnerability Description
SmarterTools SmarterMail是SmarterTools公司的一套邮件服务器软件。该软件支持垃圾邮件过滤、数据统计、简单邮件传输协议SMTP验证等功能。 SmarterTools SmarterMail 8495版本至8664版本存在安全漏洞,该漏洞源于允许通过上传的SVG文档导致存储型跨站脚本(XSS)漏洞。
CVSS Information
N/A
Vulnerability Type
N/A