SA-CONTRIB-2011-032 - Mail Logger - Cross Site Scripting

The Mail Logger module logs all outgoing e-mails and provides users with the "access mail logger" permission to view logged e-mails. The module does not sanitize the log output of addressee information, subject, and body, leading to a Cross-Site Scripting XSS vulnerability that may lead to a...