Software602 602Pro LAN Suite Web Mail Cross-Site Scripting Vulnerability

It has been reported that 602Pro LAN Suite Web Mail is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user input supplied via the URI.

Attackers may exploit this vulnerability to steal authentication credentials. Other attacks may also be possible.

**The vendor has stated that they were unable to reproduce this issue, therefore, this BID has been changed to conflicting reports. This issue will be updated as more information becomes available.


 

Privacy Statement
Copyright 2010, SecurityFocus