What is the severity of CVE-2013-6017?

CVE-2013-6017 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.

How do I fix CVE-2013-6017?

To fix CVE-2013-6017, upgrade your Atmail Webmail Server to version 7.2 or later where the vulnerability has been addressed.

What versions of Atmail are affected by CVE-2013-6017?

CVE-2013-6017 affects Atmail Webmail Server versions 6.3.0 - 7.1.6 and older.

What type of vulnerability is CVE-2013-6017?

CVE-2013-6017 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.

Can CVE-2013-6017 be exploited remotely?

Yes, CVE-2013-6017 can be exploited remotely by attackers through malicious email content.

Vulnerability/
CVE-2013-6017

medium

4.3

CWE

12/1/2014

6/8/2024

CVE-2013-6017: XSS

First published: Sun Jan 12 2014(Updated: )

Cross-site scripting (XSS) vulnerability in Atmail Webmail Server before 7.2 allows remote attackers to inject arbitrary web script or HTML via the body of an e-mail message, as demonstrated by the SRC attribute of an IFRAME element.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
Phlymail	<=7.1.6
Phlymail	=6.3.0
Phlymail	=6.3.1
Phlymail	=6.3.2
Phlymail	=6.3.3
Phlymail	=6.3.4
Phlymail	=6.3.5
Phlymail	=6.3.6
Phlymail	=6.4.0
Phlymail	=6.4.1
Phlymail	=6.4.2
Phlymail	=6.5.0
Phlymail	=6.6.0
Phlymail	=6.6.1
Phlymail	=6.6.2
Phlymail	=6.6.3
Phlymail	=6.6.4
Phlymail	=6.20.4
Phlymail	=6.20.5
Phlymail	=6.20.6
Phlymail	=6.20.7
Phlymail	=6.20.8
Phlymail	=6.20.10
Phlymail	=6.20.11
Phlymail	=6.20.12
Phlymail	=6.20.13
Phlymail	=7.1.0
Phlymail	=7.1.1
Phlymail	=7.1.2
Phlymail	=7.1.3
Phlymail	=7.1.4
Phlymail	=7.1.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-6017?
CVE-2013-6017 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2013-6017?
To fix CVE-2013-6017, upgrade your Atmail Webmail Server to version 7.2 or later where the vulnerability has been addressed.
What versions of Atmail are affected by CVE-2013-6017?
CVE-2013-6017 affects Atmail Webmail Server versions 6.3.0 - 7.1.6 and older.
What type of vulnerability is CVE-2013-6017?
CVE-2013-6017 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.
Can CVE-2013-6017 be exploited remotely?
Yes, CVE-2013-6017 can be exploited remotely by attackers through malicious email content.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/first-publish-date
agent/description
agent/author
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/atmail
canonical/phlymail
version/phlymail/7.1.6
version/phlymail/6.3.0
version/phlymail/6.3.1
version/phlymail/6.3.2
version/phlymail/6.3.3
version/phlymail/6.3.4
version/phlymail/6.3.5
version/phlymail/6.3.6
version/phlymail/6.4.0
version/phlymail/6.4.1
version/phlymail/6.4.2
version/phlymail/6.5.0
version/phlymail/6.6.0
version/phlymail/6.6.1
version/phlymail/6.6.2
version/phlymail/6.6.3
version/phlymail/6.6.4
version/phlymail/6.20.4
version/phlymail/6.20.5
version/phlymail/6.20.6
version/phlymail/6.20.7
version/phlymail/6.20.8
version/phlymail/6.20.10
version/phlymail/6.20.11
version/phlymail/6.20.12
version/phlymail/6.20.13
version/phlymail/7.1.0
version/phlymail/7.1.1
version/phlymail/7.1.2
version/phlymail/7.1.3
version/phlymail/7.1.4
version/phlymail/7.1.5