[MAVEN:GHSA-7CRP-P2VC-69R7] Apache James Hupa Webmail application Cross-site Scripting Vulnerabilities
Severity
Moderate
Affected Packages
1
Fixed Packages
1
CVEs
1
Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the Apache James project. An attacker could send a carefully crafted email to a user of Hupa which would trigger a XSS when the email was opened or when a list of messages were viewed. This issue was addressed in Hupa 0.0.3.
Package | Affected Version |
---|---|
pkg:maven/org.apache.james.hupa/hupa-parent | < 0.0.3 |
Package | Fixed Version |
---|---|
pkg:maven/org.apache.james.hupa/hupa-parent | = 0.0.3 |
- ID
- MAVEN:GHSA-7CRP-P2VC-69R7
- Severity
- moderate
- URL
- https://github.com/advisories/GHSA-7crp-p2vc-69r7
- Published
-
2022-05-14T03:37:10
(2 years ago) - Modified
-
2023-08-29T21:19:24
(12 months ago) - Rights
- Maven Security Team
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:maven/org.apache.james.hupa/hupa-parent | org.apache.james.hupa | hupa-parent | < 0.0.3 | |||
Fixed | pkg:maven/org.apache.james.hupa/hupa-parent | org.apache.james.hupa | hupa-parent | = 0.0.3 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |