CVE-2019-15054

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
18/11/2019
Last modified:
20/11/2019

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. This vulnerability is distinct from CVE-2015-4657.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:getmailbird:mailbird:*:*:*:*:*:*:*:* 2.7.5.0 (excluding)