Alt-N MDaemon Webmail 20.0.0 Cross Site Scripting

2021.02.08
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting (XSS)
# Date: 2020-08-25
# Exploit Author: Kailash Bohara
# Vendor Homepage: https://www.altn.com/
# Version: Mdaemon webmail < 20.0.0
# CVE : 2020-18724

1. Go to the contact section and the distribution list menu. Create a new distribution list.
2. The contact name field is vulnerable to XSS. Use the payload <img src=x onerror=alert(1)>
3. We can see the code execute, and after saving it, the XSS pop-up is seen each time we visit the distribution list section.

# Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)
# Date: 2020-08-25
# Exploit Author: Kailash Bohara
# Vendor Homepage: https://www.altn.com/
# Version: Mdaemon webmail < 20.0.0
# CVE : 2020-18723

1. Rename a file and set its name to <img src=x onerror=alert(1)>.jpg
2. Go to New mail, select a recipient and then select the attachment. The code gets executed right after upload, so it becomes self XSS.
3. Send the mail to the recipient and open the email from the recipient side. Just opening the mail doesn't execute the code, but when the victim clicks on the forward button, the XSS pop-up is shown.
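
Both issues come down to a stored value (contact name, attachment file name) being written into a page without HTML encoding. The JavaScript below is an added example, not code from MDaemon or from the advisory author: the render helpers and their markup are hypothetical, and the only value taken from the advisory is the payload string. It shows the unencoded pattern next to output encoding applied at render time.

```javascript
// Added example: hypothetical render helpers, not MDaemon code.
const PAYLOAD = '<img src=x onerror=alert(1)>'; // payload quoted in the advisory

const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode the characters that can open a tag or break out of a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable pattern: the stored contact name is concatenated into markup as-is.
function renderContactRowUnsafe(contactName) {
  return '<td class="contact">' + contactName + '</td>';
}

// Hardened: encode on output, every time the stored value is rendered.
function renderContactRow(contactName) {
  return '<td class="contact">' + escapeHtml(contactName) + '</td>';
}

// Hardened attachment entry for a compose/forward view. The file name lands in
// a quoted attribute and in a text node, so both uses are encoded.
function renderAttachment(fileName) {
  const safe = escapeHtml(fileName);
  return '<li class="attachment" title="' + safe + '">' + safe + '</li>';
}

// Regression check: true if the markup contains any element the template
// itself did not emit (allowedTags lists the template's own tag names).
function containsInjectedTag(html, allowedTags) {
  const found = [...html.matchAll(/<\s*\/?\s*([a-zA-Z][a-zA-Z0-9]*)/g)];
  return found.some((m) => !allowedTags.includes(m[1].toLowerCase()));
}

console.log(renderContactRowUnsafe(PAYLOAD)); // an <img> element reaches the page
console.log(renderContactRow(PAYLOAD));       // rendered as inert text
console.log(renderAttachment(PAYLOAD + '.jpg'));
```

The same encoding has to be applied in every view that displays the stored value, including the forward view, since the file-name issue fires there and not when the mail is first opened.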

