Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter.
Max CVSS
6.1
EPSS Score
0.13%
Published
2017-03-03
Updated
2017-03-07
cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.
Max CVSS
6.1
EPSS Score
0.13%
Published
2017-03-03
Updated
2017-03-07
Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file.
Max CVSS
7.8
EPSS Score
1.80%
Published
2017-03-03
Updated
2017-03-07
3 vulnerabilities found