Filtered by vendor Egain
Subscriptions
Filtered by product Mail
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17123 | 1 Egain | 1 Mail | 2024-11-21 | 7.5 High |
| The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields (to /system/ws/v11/ss/email) are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. (Also, the message parameter can have initial HTML comment characters.) | ||||
Page 1 of 1.