Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Basic Webmail Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-5569 3 Basic Webmail Project, Drupal, Jason Flatt 3 Basic Webmail, Drupal, Basic Webmail 2021-04-15 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via a (1) page title or (2) crafted email message.
CVE-2012-5570 1 Basic Webmail Project 1 Basic Webmail 2020-03-16 4.0 MEDIUM 4.3 MEDIUM
The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.