Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
RedLevel Advisory #018 - RM EasyMail Plus - Cross-Site Scripting Vulnerability #2
May 20 2007 01:22AM
john martinelli com
RM EasyMail Plus - Cross-Site Scripting Vulnerability #2
This cross-site scripting vulnerability can be exploited if a client views an email with a specially crafted title.
Vulnerable E-Mail Title: </title><script>alert(1)</script>
Vulnerable: RM EasyMail Plus
Google d0rk: intitle:"Powered by RM E...
[ more ]
Copyright 2010, SecurityFocus