CVE-2021-43977

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.

CVE	CVE-2021-43977
Title	SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.
Credits	Discovered by Wietse Boonstra of DIVD (finder) Victor Pasman of DIVD (analyst)
Affected products	Product Affected Unaffected Unknown SmarterTools SmarterMail >= 16.x to < 100.0.7803 (custom)
CVSS
References	https://www.smartertools.com/smartermail/release-notes/current ( x_refsource_MISC ) https://csirt.divd.nl/DIVD-2021-00006/ ( third-party-advisory ) https://csirt.divd.nl/CVE-2021-43977/ ( third-party-advisory )
Problem type(s)	CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Date published
Last modified	17 Nov 2021 15:54 UTC

Description

---

JSON version.