The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address.Referenceshttps://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/
