2 matches found
CVE-2004-2494
The CVE-2004-2494 entry describes a Cross-site Scripting (XSS) vulnerability in Ability Mail Server 1.18, exploitable through the erromsg parameter in the _error handler. The underlying issue is an input/output handling flaw that allows remote attackers to inject arbitrary web script or HTML via ...
CVE-2004-2494
Cross-site scripting XSS vulnerability in error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter...