NeoSys Neon Webmail for Java 5.06/5.07 - 'updatemail' Servlet Arbitrary Mail Message Manipulation
source: https://www.securityfocus.com/bid/20109/info Neon WebMail is prone to multiple input-validation vulnerabilities because it fails to sanitize user-supplied input. These issues include: - an arbitrary-file-upload vulnerability - an arbitrary-email-manipulation vulnerability - multiple...