Date published: 2017-07-25T13:29:00.403-04:00
Date last modified: 2017-07-28T13:03:31.693-04:00
CVSS Score: 4.3
Principal attack vector: NETWORK
Reference URL: https://help.atmail.com/hc/en-us/articles/115007169147-Minor-Update-7-8-0-2-ActiveSync-2-3-6
Summary: Cross-site scripting (XSS) vulnerability in atmail prior to version 126.96.36.199 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes.