Vendor: Mdaemon Webmail
By: Kailash Bohara
CVSS: 8.8 (HIGH)
Vulnerability Type: Stored Cross Site Scripting (XSS)
CWE: 79
Product Name: Mdaemon Webmail
Affected Version From: Mdaemon webmail < 20.0.0
Affected Version To: Mdaemon webmail < 20.0.0
Patch Exists: YES
Related CVE: CVE-2020-18723
CPE: 2.3:a:altn_technologies:mdaemon_webmail:20.0.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: None
Year: 2020
Alt-N MDaemon webmail 20.0.0 – ‘file name’ Stored Cross Site Scripting (XSS)
Renaming a file to <img src=x onerror=alert(1)>.jpg, opening New mail, selecting a recipient, then selecting the renamed file as an attachment and sending the mail stores the unencoded file name with the message. When the recipient opens the email and clicks the Forward button, the webmail client renders the file name as HTML and the script executes, resulting in an XSS pop-up.
Mitigation:
Ensure that user input, including attachment file names, is properly validated on input and HTML-encoded wherever it is rendered in the application, including the forward view.
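The following Python snippet is an added illustration of the mitigation and is not code from the advisory or from MDaemon itself. It contrasts the vulnerable pattern (concatenating a stored attachment name straight into markup) with the hardened form (HTML-encoding the name at output time), and adds a server-side filename normalisation step as defence in depth. The function names, the `<li>` markup, the `max_len` bound and the sample filename are constructed for the example; the filename uses the payload quoted in the advisory so the effect of output encoding is visible.

```python
import html
import re

# Constructed sample: the attachment name from the advisory, as it would be
# stored by the rename step and later rendered in the forward view.
SAMPLE_FILENAME = '<img src=x onerror=alert(1)>.jpg'


def render_attachment_unsafe(filename: str) -> str:
    """Vulnerable pattern (hypothetical markup): the stored file name is
    concatenated into the attachment list without encoding, so any markup
    in the name is interpreted by the browser, which is the behaviour the
    advisory describes."""
    return '<li class="attachment">' + filename + '</li>'


def render_attachment_safe(filename: str) -> str:
    """Hardened form: HTML-encode the name for the element-content context.
    quote=True also encodes quotes, so the same helper is safe to reuse
    inside a quoted attribute value such as title="..."."""
    return '<li class="attachment">' + html.escape(filename, quote=True) + '</li>'


_CONTROL_CHARS = re.compile(r'[\x00-\x1f\x7f]')


def normalise_filename(filename: str, max_len: int = 255) -> str:
    """Input validation on the rename/upload path (assumption: applied before
    the name is stored). Strips directory components and control characters
    and bounds the length. This is defence in depth only: '<' and '>' are
    legal in file names, so output encoding is still required."""
    name = filename.replace('\\', '/').rsplit('/', 1)[-1]
    name = _CONTROL_CHARS.sub('', name).strip()
    if not name or name in ('.', '..'):
        name = 'attachment'
    return name[:max_len]


def renders_as_markup(rendered: str, name: str) -> bool:
    """True if the raw name survives verbatim in the rendered output, i.e.
    it would be parsed as live HTML rather than displayed as text."""
    return name in rendered


if __name__ == '__main__':
    stored = normalise_filename(SAMPLE_FILENAME)  # validation alone leaves '<' and '>' intact
    print('unsafe:', render_attachment_unsafe(stored))
    print('safe:  ', render_attachment_safe(stored))
```

Note that `normalise_filename` deliberately leaves the sample name unchanged: it blocks path traversal and control characters, but the XSS is only closed by `render_attachment_safe`, which encodes at the point where the name meets HTML.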