3 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message...
CVE-2008-0872
Cross-site scripting XSS vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message...
smartermail-xss.txt
Product: SmarterMail Enterprise 4.3 Web product: http://www.smartertools.com/Products/SmarterMail/O verview.aspx web product demo: http://maildemo.smartertools.com/Login.aspx Apparently this webmail is vulnerable to an attack xss very dangerous because it runs automatically when you open the inbo...