CVE-2010-4930

2011-10-0910:00:00

mitre

www.cve.org

5.6 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

JSON

Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.

References

osvdb.org/68183

secunia.com/advisories/41555

securityreason.com/securityalert/8455

www.securityfocus.com/archive/1/513890/100/0/threaded

www.securityfocus.com/bid/43377

exchange.xforce.ibmcloud.com/vulnerabilities/61958