CVE-2022-27105

Description

InMailX Outlook Plugin < 3.22.0101 is vulnerable to Cross Site Scripting (XSS). InMailX Connection names are not sanitzed in the Outlook tab, which allows a local user or network administrator to execute HTML / Javascript in the Outlook of users.

Related CPE's

a digitus inmailx ********

References

http://www.inmailx.com/products/inmailx

ProductVendor Advisory

https://gist.github.com/TheWorkingDeveloper/9b7afbfe56938294480f7613805d3b7f

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io