CVE-2019-7219
CVE-2019-7219
Vexday Risk Score
18Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 5.2%KEV nãoPoC —Nuclei simMetasploit —Patch —
Ciclo de vida
11 abr 2019Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead.
Productos afectados
n/a · n/a