Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2024-11182

An XSS issue was discovered in

MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker

to load arbitrary JavaScript code in the context of a webmail user's browser window.

  • Published: Nov 15, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-11182
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
mdaemon / mdaemon - 24.5.1