Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

SmarterMail 8.0 - Multiple XSS Vulnerabilities

🗓️ 01 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 13 Views

SmarterMail 8.0 - XSS Vulnerabilities CWE-79, CAPEC-8

Code

                                                Author: Hoyt LLC Research
Target: SmarterMail Version 8.0.4086.25048
Tools: Burp Suite Pro 1.3.09, FuzzDB
Description: XSS, Cross Site Scripting in SmarterMail 8.0.4086.25048, CWE-79, CAPEC-86
Keywords: Stored XSS, Reflected XSS, Cross Site Scripting, SmarterMail 8.0.4086.25048, xss.cx, hoyt llc research, CWE-79, CAPEC-86, DORK
Vendor Patch: Unavailable as of 3.14.2011
Workaround: IDS/IPS Vendors may develop a solution and/or WAF Filtering for Script Tags
CVE-ID: Requested

Comments: It is our experience that SmarterTools demonstrates Best Practices and will work to resolve this Stored XSS encoded-percentage vulnerability quickly and Full Disclosure is Reported to inform the public-at-large.
Issue:	Cross-site scripting (stored) - SmarterMail 8.0.4086.25048
Severity:	High
Confidence:	Certain
Host:	http://vulnerable.smartermail.80.host:9998
Path:	/Main/frmPopupContactsList.aspx
Issue detail | Interim Report
The value of the ctl00%24MPH%24wucContactInfo%24txtEmailAddress_SettingText request parameter submitted to the URL /Main/frmContact.aspx is copied into the HTML document as plain text between tags at the URL /Main/frmPopupContactsList.aspx. The payload Expression was submitted in the ctl00%24MPH%24wucContactInfo%24txtEmailAddress_SettingText parameter. This input was returned unmodified in a subsequent request for the URL /Main/frmPopupContactsList.aspx.

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1
smartermail 8.0xsscross site scriptingstored xssreflected xsscwe-79capec-86hoyt llc researchfull disclosurevulnerable version
13