CVE-2019-0218: Apache Pony Mail (incubating) Reflected XSS
Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache Pony Mail (incubating) versions 0.8 through 0.10 Description: A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface. Mitigation: All users should upgrade to Pony Mail (incubating) v/0.11 Credit: - This issue was initially discovered by Francesco Soncina - ABN AMRO Red Team. References: http://ponymail.incubator.apache.org/support.html https://s.apache.org/pony11
