MidnightBSD

Advisories for spamtitan

CVE-2014-2965 MEDIUM

Cross-site scripting (XSS) vulnerability in auth-settings-x.php in SpamTitan before 6.04 allows remote attackers to inject arbitrary web script or HTML via the sortdir parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
spamtitan spamtitan 5.07
spamtitan spamtitan 5.05
spamtitan spamtitan 6.01
spamtitan spamtitan 5.08
spamtitan spamtitan 6.00
spamtitan spamtitan 5.04
spamtitan spamtitan 5.10
spamtitan spamtitan *
spamtitan spamtitan 5.13
spamtitan spamtitan 5.12
spamtitan spamtitan 5.06
spamtitan spamtitan 5.11