CVE-2026-40875
mailcow: dockerized vulnerable to stored XSS in user login history real_rip
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen successful connections" (login history) renders the client IP from login logs without HTML escaping. Because the server trusts the X-Real-IP header as the source IP for logging, an attacker can inject HTML/JS into this field. This Self-XSS can be exploited by a Login CSRF to force the victim into the attacker's account, and then read emails in a previous browser tab. Version 2026-03b fixes the vulnerability.
| CWE | CWE-79 CWE-80 |
| Vendor | mailcow |
| Product | mailcow-dockerized |
| Published | Apr 21, 2026 |
| Last Updated | Apr 21, 2026 |
Stay Ahead of the Next One
Get instant alerts for mailcow mailcow-dockerized
Be the first to know when new unknown vulnerabilities affecting mailcow mailcow-dockerized are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
mailcow / mailcow-dockerized
< 2026-03b