CVE-2024-28063

Kiteworks Totemomail through 7.0.0 allows /responsiveUI/EnvelopeOpenServlet envelopeRecipient reflected XSS.

CVSS

No CVSS.

References

Link	Resource
https://www.objectif-securite.ch/advisories/totemomail-reflected-xss.txt	Third Party Advisory
https://www.objectif-securite.ch/advisories/totemomail-reflected-xss.txt	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:totemo:totemomail:*:*:*:*:*:*:*:*

History

17 Jun 2025, 19:47

Type	Values Removed	Values Added
CPE		cpe:2.3:a:totemo:totemomail::::::::
First Time		Totemo totemomail Totemo
References	~~() https://www.objectif-securite.ch/advisories/totemomail-reflected-xss.txt -~~	() https://www.objectif-securite.ch/advisories/totemomail-reflected-xss.txt - Third Party Advisory

18 May 2024, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-18 22:15

Updated : 2025-06-17 19:47

NVD link : CVE-2024-28063

Mitre link : CVE-2024-28063

JSON object : View

Products Affected

totemo

CWE

No CWE.