Publish date
15 August 2019
Identifier
CVE-2018-15511
Manufacturer
Totemo AG
Product
Totemomail 6.0.0
Patched
Fixed in totemomail 6.0 to build 578
Authors
Michael Skiba, Andre Waldhoff, Carsten Sandker
Description
Cross-site scripting (XSS) vulnerability in the 'Notification’ feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML.