Open Hub
Open Hub

 Settings |  Report Duplicate

0
I Use This!
Activity Not Available
Analyzed 12 months ago. based on code collected 12 months ago.
 

Security

Vulnerabilities per Version

Learn more about BDSAs
 
 

Major Versions

1yr
3yr
5yr
10yr
All
click and drag to zoom
 
 
Security Vulnerabilities for Version:
Severities:
Type
Identifier Related Record Severity Date Published Description Versions Affected
CVE-2021-43462 Medium Apr 04, 2022 A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the username parameter.
0.51.3135
CVE-2021-43461 Medium Apr 04, 2022 Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter.
0.51.3135
CVE-2021-43459 Medium Apr 04, 2022 A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the (1) domain and (2) path parameters.
0.51.3135
CVE-2021-43456 High Apr 04, 2022 An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service more...
0.51.3135
BDSA-2020-3900 High Dec 24, 2020 Rumble Mail Server contains a stored cross-site scripting (XSS) vulnerability due to a lack of sanitization of user-supplied input with the `path` para more...
BDSA-2020-3899 High Dec 24, 2020 Rumble Mail Server contains a stored cross-site scripting (XSS) vulnerability due to a lack of sanitization of user-supplied input with the `domain` pa more...
BDSA-2020-3896 High Dec 24, 2020 Rumble Mail Server contains a stored cross-site scripting (XSS) vulnerability due to a lack of sanitization of user-supplied input with the `servername more...
BDSA-2020-3759 Medium Dec 14, 2020 Rumble Mail Server contains a stored cross-site scripting (XSS) vulnerability due to an absence of correct parameter input validation. A remote attacke more...
BDSA-2020-3663 High Dec 07, 2020 Rumble Mail Server contains an unquoted service path vulnerability. An attacker can take advantage of this to escalate their privileges.
BDSA-2017-1473 High Oct 31, 2017 Rumble is a mail server suite. It contains a stored cross-site scripting (*XSS*) vulnerability due to improper validation of user-supplied data. An att more...