Date published: 2017-07-25T13:29:00.403-04:00
Date last modified: 2017-07-28T13:03:31.693-04:00
CVSS Score: 4.3
Principal attack vector: NETWORK
Reference URL: https://help.atmail.com/hc/en-us/articles/115007169147-Minor-Update-7-8-0-2-ActiveSync-2-3-6
Summary: Cross-site scripting (XSS) vulnerability in atmail prior to version 22.214.171.124 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes.