| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 3.2 | $0-$5k | 0.00 |
Summary
A vulnerability identified as problematic has been detected in Ipswitch IMail up to 12.4.1.14. The impacted element is an unknown function of the component Task Handler. Performing a manipulation with the input <iframe src=http://www.mysite.com/remote/xss_h.html> results in cross site scripting.
This vulnerability is cataloged as CVE-2014-3878. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
You should upgrade the affected component.
Details
A vulnerability, which was classified as problematic, was found in Ipswitch IMail up to 12.4.1.14 (Mail Server Software). This affects some unknown functionality of the component Task Handler. The manipulation with the input value <iframe src=http://www.mysite.com/remote/xss_h.html> leads to a cross site scripting vulnerability. CWE is classifying the issue as CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. This is going to have an impact on integrity.
The weakness was shared 06/03/2014 by Peru as IPSwitch IMail Server WEB client 12.4 persistent XSS as not defined mailinglist post (Full-Disclosure). The advisory is shared at seclists.org. The vendor cooperated in the coordination of the public release. This vulnerability is uniquely identified as CVE-2014-3878 since 05/27/2014. The exploitability is told to be easy. It is possible to initiate the attack remotely. A authentication is required for exploitation. It demands that the victim is doing some kind of user interaction. Technical details and a public exploit are known. MITRE ATT&CK project uses the attack technique T1059.007 for this issue.
A public exploit has been developed by Peru (Peru) in HTML/Javascript and been published immediately after the advisory. The exploit is shared for download at seclists.org. It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 76490 (Ipswitch IMail Server 11.x / 12.x < 12.4.1.15 Multiple Vulnerabilities (Heartbleed)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Misc..
Upgrading to version 12.4.1.15 eliminates this vulnerability. The upgrade is hosted for download at imailserver.com.
The vulnerability is also documented in the databases at X-Force (93645), Exploit-DB (33633), Tenable (76490), SecurityFocus (BID 67830†) and OSVDB (107700†). The entries VDB-13448, VDB-13447 and VDB-13446 are related to this item. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
Version
- 12.4.1.0
- 12.4.1.1
- 12.4.1.2
- 12.4.1.3
- 12.4.1.4
- 12.4.1.5
- 12.4.1.6
- 12.4.1.7
- 12.4.1.8
- 12.4.1.9
- 12.4.1.10
- 12.4.1.11
- 12.4.1.12
- 12.4.1.13
- 12.4.1.14
License
Website
- Vendor: https://www.ipswitch.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 3.5VulDB Meta Temp Score: 3.2
VulDB Base Score: 3.5
VulDB Temp Score: 3.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Cross site scriptingCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Author: Peru (Peru)
Programming Language: 🔍
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 76490
Nessus Name: Ipswitch IMail Server 11.x / 12.x < 12.4.1.15 Multiple Vulnerabilities (Heartbleed)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Upgrade: IMail 12.4.1.15
Timeline
05/27/2014 🔍06/03/2014 🔍
06/03/2014 🔍
06/03/2014 🔍
06/03/2014 🔍
06/04/2014 🔍
06/05/2014 🔍
06/05/2014 🔍
06/05/2014 🔍
07/21/2014 🔍
08/16/2025 🔍
Sources
Vendor: ipswitch.comAdvisory: IPSwitch IMail Server WEB client 12.4 persistent XSS
Researcher: Peru
Status: Confirmed
Coordinated: 🔍
CVE: CVE-2014-3878 (🔍)
GCVE (CVE): GCVE-0-2014-3878
GCVE (VulDB): GCVE-100-13449
X-Force: 93645
SecurityFocus: 67830 - IPSwitch IMail Server WEB client Multiple HTML Injection Vulnerabilities
OSVDB: 107700
SecurityTracker: 1030335 - IMail Server Input Validation Flaw Permits Cross-Site Scripting Attacks
Vulnerability Center: 45547 - IPSwitch IMail Server <12.4.1.15 Multiple Remote XSS Vulnerabilities, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 06/05/2014 14:24Updated: 08/16/2025 20:25
Changes: 06/05/2014 14:24 (78), 06/02/2017 08:06 (8), 06/20/2021 15:47 (3), 06/20/2021 15:52 (1), 08/16/2025 20:25 (16)
Complete: 🔍
Cache ID: 216:27C:103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.