Vulnerabilities for Rumble mail server (...) - CXSECURITY.COM

Vulnerabilities for 'Rumble mail server'

2022-04-04

CVE-2021-43459

CWE-79

A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the (1) domain and (2) path parameters.

CVE-2021-43461

CWE-79

Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter.

CVE-2021-43462

CWE-79

A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the username parameter.

CVE-2021-43456

CWE-428

An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path.

Copyright 2024, cxsecurity.com