SurgeMail < 4.3g XSS Vulnerability - Active Check

SurgeMail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netwin:surgemail"...

CVE-2010-3201

Cross-site scripting XSS vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the usernameex parameter to the surgeweb program...

CVE-2010-3201

The CVE-2010-3201 entry concerns NetWin Surgemail (SurgeMail) SurgeWeb Cross‑Site Scripting (XSS) via the username_ex parameter. The vulnerability is described as a remote XSS that allows an attacker to inject arbitrary script/HTML in the SurgeWeb login page, potentially stealing cookies or hijac...

SurgeMail SurgeWeb Cross Site Scripting Vulnerability

SurgeMail is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...

Surgemail SurgeWeb 4.3e - Cross-Site Scripting

source: https://www.securityfocus.com/bid/43679/info SurgeMail is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...