Remote Stored XSS Vulnerability in Afterlogic WebMail Pro 8.3.11 and Afterlogic Aurora 8.3.11 via Attachment Name

Remote Stored XSS Vulnerability in Afterlogic WebMail Pro 8.3.11 and Afterlogic Aurora 8.3.11 via Attachment Name

CVE-2019-19129 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name.

Learn more about our Web App Pen Testing.