cve/2020/CVE-2020-26554.md

CVE-2020-26554

Description

REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML e-mail message.

POC

Reference

• http://packetstormsecurity.com/files/160077/MailDepot-2033-2.3.3022-Cross-Site-Scripting.html
• https://www.syss.de/pentest-blog/syss-2020-037-persistent-cross-site-scripting-schwachstelle-in-reddoxx-maildepot

Github

No PoCs found on GitHub currently.