Vulnerabilities (CVE)

Filtered by vendor Rspamd Project Subscribe
Filtered by product Rspamd
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11737 1 Rspamd Project 1 Rspamd 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page.