CVE-2018-0559
MEDIUMCybozu Mailwise 5.0.0-5.4.1 - Cross-Site Scripting via Address Field
Title source: llmDescription
Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors.
References (2)
Core 2
Core References
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN52319657/index.html
Third Party Advisory x_refsource_confirm
https://support.cybozu.com/ja-jp/article/10196
Scores
CVSS v3
6.1
EPSS
0.0024
EPSS Percentile
46.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
cybozu/mailwise
5.0.0 - 5.4.1
Published
Jun 26, 2018
Tracked Since
Feb 18, 2026