CVE-2024-11182CISA KEVEPSS p96.6%

CVE-2024-11182MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability

MDaemon / Email Server

Description

MDaemon Email Server contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to load arbitrary JavaScript code via an HTML e-mail message.

Scoring

EPSS16.35% probability of exploitation · percentile 96.6% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2025-05-19

(incoming)1

TypeTargetConfidenceTier
KEVEntryMDaemon Email Server Cross-Site Scripting (XSS) Vulnerabilitykev-cve-2024-111820%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability
CVE
CVE-2026-42897
CVE
CVE-2025-44148
CVE
CVE-2025-29471
CVE
Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability
CVE
RoundCube Webmail Cross-Site Scripting Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.