CVE-2022-30776: XSS
First published: Mon May 16 2022(Updated: )
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Phlymail | =6.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this atmail vulnerability?
The vulnerability ID of this atmail vulnerability is CVE-2022-30776.
What is the title of this atmail vulnerability?
The title of this atmail vulnerability is 'atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter.'
What is the severity level of CVE-2022-30776?
The severity level of CVE-2022-30776 is medium.
How does the vulnerability in atmail 6.5.0 occur?
The vulnerability in atmail 6.5.0 occurs when an attacker is able to inject malicious scripts into the 'error' parameter of the 'index.php/admin/index/' page, leading to cross-site scripting (XSS) attacks.
Is there a fix available for this atmail vulnerability?
Yes, there is a fix available for this atmail vulnerability. It is recommended to update to a version of atmail that is not affected by this vulnerability.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/atmail
- canonical/phlymail
- version/phlymail/6.5.0