CVE-2018-15511

Cross-Site Scripting

Publish date

15 August 2019

Identifier

CVE-2018-15511

Manufacturer

Totemo AG

Product

Totemomail 6.0.0

Patched

Fixed in totemomail 6.0 to build 578

Authors

Michael Skiba, Andre Waldhoff, Carsten Sandker

Description

Cross-site scripting (XSS) vulnerability in the 'Notification’ feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML.

CBEST
CREST STAR
CHECK IT Health Check Service
CREST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
Allianz für Cyber-Sicherheit