CVE-2006-3297
CVE-2006-3297 is an XSS vulnerability in UebiMiau Webmail’s error.php (versions 2.7.10 and earlier). The icq parameter can be injected to execute arbitrary web script/HTML in the victim’s browser. Root cause is insufficient input sanitization in error.php. Impact per sources is a remote attacker ...