Cybersecurity and Infrastructure Security Agency (CISA) has added a cross-site scripting (XSS) vulnerability affecting MDaemon Email Server to its Known Exploited Vulnerabilities (KEV) Catalog on May 19, 2025. This critical addition, identified as CVE-2024-11182, highlights a security flaw that allows attackers to inject malicious JavaScript code via crafted HTML emails. Federal agencies now have until […]

The post CISA Includes MDaemon Email Server XSS Flaw in KEV Catalog appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/cisa-includes-mdaemon-email-server-xss-flaw/