4 matches found
SmarterTools SmarterMail 4.3 Subject Field HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27878/info SmarterMail is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affecte...
CVE-2008-0872
Cross-site scripting XSS vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message...
Cross site scripting
Cross-site scripting XSS vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message...
CVE-2008-0872
CVE-2008-0872 affects SmarterTools SmarterMail Enterprise 4.3. The issue is a cross-site scripting (XSS) vulnerability in the webmail Subject field where the STYLE attribute can carry arbitrary HTML/Script reflected in the user’s browser. Root cause: inadequate sanitization of the Subject field b...