漏洞描述
AtMail是一个开源的WebMail客户端。它提供“清爽”的Ajax Webmail界面,支持通信录管理,并且支持IMAP。AtMail存在过滤不完全的情况,造成存在反射型XSS漏洞
AtMail 6.5.0反射型XSS漏洞(CVE-2022-30776)
PoC代码
暂无相关漏洞推荐
- 微力同步 /rest/f/api/resources/f96956469e7be39d 文件读取漏洞
- Frappe /api/method/frappe.automation.doctype.auto_repeat.auto_repeat.generate_message_preview SQL 注入漏洞(CVE-2025-68929)
- Frappe /files 目录遍历漏洞(CVE-2025-68953)
- POC CVE-2012-10018: WordPress Mapplic <= 6.1 / Mapplic Lite <= 1.0 - Authenticated Stored XSS via SVG File Upload
- POC CVE-2025-52691: SmarterMail - Unrestricted File Upload
- POC CVE-2025-60188: Atarim < 4.2.2 - Sensitive Information Exposure
- POC CVE-2006-3392: Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure
- POC CVE-2011-3600: Apache OFBiz - XML External Entity Injection
- POC CVE-2016-15043: WP Mobile Detector <= 3.5 - Unrestricted File Upload
- POC CVE-2017-17762: Episerver 7 - Blind XML External Entity Injection
- POC CVE-2018-6961: VMware NSX SD-WAN Edge - Command Injection
- POC CVE-2018-9206: Blueimp jQuery-File-Upload v9.22.0 - Unrestricted File Upload
- POC CVE-2021-20617: Acmailer - Improper Access Control to OS Command Injection