• info
• discussion
• exploit
• solution
• references

IlohaMail User Parameter Cross-Site Scripting Vulnerability

There is no exploit required.