CVE-2024-3194

Summary

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-262310 is the identifier assigned to this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aMailCleaner2023.03.0affected
n/aMailCleaner2023.03.1affected
n/aMailCleaner2023.03.2affected
n/aMailCleaner2023.03.3affected
n/aMailCleaner2023.03.4affected
n/aMailCleaner2023.03.5affected
n/aMailCleaner2023.03.6affected
n/aMailCleaner2023.03.7affected
n/aMailCleaner2023.03.8affected
n/aMailCleaner2023.03.9affected
n/aMailCleaner2023.03.10affected
n/aMailCleaner2023.03.11affected
n/aMailCleaner2023.03.12affected
n/aMailCleaner2023.03.13affected
n/aMailCleaner2023.03.14affected

Weaknesses

  • CWE-79: CWE-79 Cross Site Scripting

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References