Stored XSS in SmarterMail by SmarterTools
CVE-2019-7211

6.1MEDIUM

Key Information:

Vendor: Smartertools
Status: Smartermail
Vendor: CVE Published:; 24 April 2019

What is CVE-2019-7211?

The stored XSS vulnerability in SmarterMail allows attackers to execute JavaScript code by sending malicious emails or through infected file attachments. This issue affects SmarterMail versions up to and including build 6995, enabling potential exploitation by unauthorized users if they view the malicious content. It is crucial for users of SmarterMail to apply necessary updates to protect against this risk.

References

https://www.smartertools.com/smartermail/release-notes/cu...

x_refsource_CONFIRM

https://www.nccgroup.trust/uk/our-research/technical-advi...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 24, 2019
Vulnerability Reserved
Jan 29, 2019

Smartertools

What is CVE-2019-7211?

References

CVSS V3.1

Timeline