2 matches found
CVE-2004-2548
NetWin SurgeMail before 2.0c and NetWin WebMail expose multiple cross-site scripting (XSS) vulnerabilities. Affected inputs: (1) a URI containing the script, and (2) the login form’s username field. The issue may be related to an error-message effect described in CVE-2004-2547. No remediation det...
CVE-2004-2548
Multiple cross-site scripting XSS vulnerabilities in NetWin 1 SurgeMail before 2.0c and 2 WebMail allow remote attackers to inject arbitrary web script or HTML via a a URI containing the script, or b the username field in the login form. NOTE: it is possible that the first attack vector is...