Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters.
CPE | Name | Operator | Version |
---|---|---|---|
webmail_pro | eq | 4.5 | |
webmail_pro | le | 4.7.10 |