CVE-2006-2138
CVE-2006-2138 describes a cross-site scripting (XSS) vulnerability in NeoMail 1.29, specifically in neomail.pl, that allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter. The issue is triggered in NeoMail’s web interface and can lead to user-side script execu...