Rumble Mail Server Project Rumble Mail Server — known CVE vulnerabilities
Every CVE whose affected-product data names Rumble Mail Server Project Rumble Mail Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-43456 — CVSS 7.8 (high): An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService…
CVE-2021-43459 — CVSS 5.4 (medium): A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the (1) domain and (2) path parameters.
CVE-2021-43461 — CVSS 5.4 (medium): Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter.
CVE-2021-43462 — CVSS 5.4 (medium): A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the username parameter.