Lucene search
K

4 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

SmarterTools SmarterMail 4.3 Subject Field HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27878/info SmarterMail is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affecte...

7.1AI score
Exploits0
NVD
NVD
added 2008/02/21 7:44 p.m.16 views

CVE-2008-0872

Cross-site scripting XSS vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message...

4.3CVSS5.6AI score0.0172EPSS
Exploits1References6
Prion
Prion
added 2008/02/21 7:44 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message...

4.3CVSS6AI score0.0172EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2008/02/21 7:0 p.m.41 views

CVE-2008-0872

CVE-2008-0872 affects SmarterTools SmarterMail Enterprise 4.3. The issue is a cross-site scripting (XSS) vulnerability in the webmail Subject field where the STYLE attribute can carry arbitrary HTML/Script reflected in the user’s browser. Root cause: inadequate sanitization of the Subject field b...

4.3CVSS5.6AI score0.0172EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder