Total
                    3 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | 
|---|---|---|---|---|---|
| CVE-2024-6739 | 1 Openfind | 2 Mailaudit, Mailgates | 2024-11-21 | N/A | 5.3 MEDIUM | 
| The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag enabled, allowing remote attackers to potentially steal the session cookie via XSS. | |||||
| CVE-2020-25849 | 1 Openfind | 2 Mailaudit, Mailgates | 2024-11-21 | 9.0 HIGH | 8.8 HIGH | 
| MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token. | |||||
| CVE-2020-12782 | 1 Openfind | 2 Mailaudit, Mailgates | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | 
| Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files. | |||||
