CASE: SMARTERMAIL

The DIVD notified SmarterTools Inc. of the following vulnerabilities:

• CVE-2021-43977 - SmarterTools SmarterMail before 100.0.7803 (May 13, 2021) and 16.x allows XSS.
• CVE-2021-32233 - SmarterTools SmarterMail before 100.0.7803 (May 13, 2021) and 16.x allows XSS.
• CVE-2021-32234 - SmarterTools SmarterMail before 100.0.7803 (May 13, 2021) and 16.x allows Remote Code Execution.

The DIVD warned users with a version of SmarterMail before 100.0.7803 (May 13, 2021) or 16.x, and advised to upgrade to the latest version as soon as possible.