CVE-2019-7211: XSS
First published: Wed Apr 24 2019(Updated: )
SmarterTools SmarterMail 16.x before build 6995 has stored XSS. JavaScript code could be executed on the application by opening a malicious email or when viewing a malicious file attachment.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SmarterTools SmarterMail | >=16.0.6345<16.3.6955 | |
| >=16.0.6345<16.3.6955 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-7211?
CVE-2019-7211 is a vulnerability in SmarterTools SmarterMail 16.x before build 6995 that allows for stored XSS attacks.
How can JavaScript code be executed in SmarterMail?
JavaScript code can be executed in SmarterMail by opening a malicious email or viewing a malicious file attachment.
What is the severity of CVE-2019-7211?
The severity of CVE-2019-7211 is medium with a CVSS score of 6.1.
What software is affected by CVE-2019-7211?
SmarterTools SmarterMail 16.x versions before build 6995 are affected by CVE-2019-7211.
How can I fix CVE-2019-7211 in SmarterMail?
To fix CVE-2019-7211, update SmarterMail to build 6995 or later.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/smartertools
- canonical/smartertools smartermail
- version/smartertools smartermail/16.0.6345