CVE-2024-11182 Information

Description

An XSS issue was discovered in

MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker

to load arbitrary JavaScript code in the context of a webmail user’s browser window.

Reference

https://files.mdaemon.com/mdaemon/beta/RelNotes_en.html