Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
CVE-2022-27105 CVE InMailX XSS
These vulnerabilities are only impacting customers that are licensed to use inMailX Email Manager with SharePoint store. Customers that do not have a license for the inMailX Email Manager Module, or customers that have a license for inMailX Email Manager but disabled the inMailX Notifier feature and SharePoint store, are not impacted by these vulnerabilities, as the inMailX Notifier and SharePoint store are only available for customers being licensed to use inMailX Email Manager and SharePoint Connector.
InMailX XSS Vulnerability version requirements:
3.21.0601 up until 3.22.0300 are affected. Upgrade to 3.22.0300 or above to remediate.
The first finding is located in the InMailX notifier with HTML rendering enabled by the user.
When receiving an email containing a XSS payload like <script>alert(1)</script> the code is executed when the notifier fires a notification to the desktop user.
The second finding is located in the name of (SharePoint) connections.
A user can specify this or a network administrator with privileges to distribute the file throughout the AD network.
Setting the name of for example a SharePoint connection to: <script>alert(1)</script> with any arbitrary URL as target will run the XSS when trying to open the server name in the outlook overview list.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment