CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
57.7%
frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte (“%00”). NOTE: it is not clear whether this issue poses a vulnerability.
Vendor | Product | Version | CPE |
---|---|---|---|
smartertools | smartermail | 1.6.1511 | cpe:2.3:a:smartertools:smartermail:1.6.1511:*:*:*:*:*:*:* |
smartertools | smartermail | 1.6.1529 | cpe:2.3:a:smartertools:smartermail:1.6.1529:*:*:*:*:*:*:* |