6.1 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.2%
Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.
osvdb.org/68183
secunia.com/advisories/41555
securityreason.com/securityalert/8455
www.securityfocus.com/archive/1/513890/100/0/threaded
www.securityfocus.com/bid/43377
exchange.xforce.ibmcloud.com/vulnerabilities/61958