Last active
July 25, 2022 08:39
-
-
Save 0xVavaldi/9b7afbfe56938294480f7613805d3b7f to your computer and use it in GitHub Desktop.
CVE-2022-27105 CVE InMailX XSS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CVE-2022-27105 | |
| These vulnerabilities are only impacting customers that are licensed to use inMailX Email Manager with SharePoint store. Customers that do not have a license for the inMailX Email Manager Module, or customers that have a license for inMailX Email Manager but disabled the inMailX Notifier feature and SharePoint store, are not impacted by these vulnerabilities, as the inMailX Notifier and SharePoint store are only available for customers being licensed to use inMailX Email Manager and SharePoint Connector. | |
| InMailX XSS Vulnerability version requirements: | |
| 3.21.0601 up until 3.22.0300 are affected. Upgrade to 3.22.0300 or above to remediate. | |
| The first finding is located in the InMailX notifier with HTML rendering enabled by the user. | |
| When receiving an email containing a XSS payload like <script>alert(1)</script> the code is executed when the notifier fires a notification to the desktop user. | |
| The second finding is located in the name of (SharePoint) connections. | |
| A user can specify this or a network administrator with privileges to distribute the file throughout the AD network. | |
| Setting the name of for example a SharePoint connection to: <script>alert(1)</script> with any arbitrary URL as target will run the XSS when trying to open the server name in the outlook overview list. | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment