SmartList ListManager Arbitrary List Addition Vulnerability

Smartlist could allow arbitrary email addresses to be added to a mailing list. This issue is due to a vulnerability in the confirm add-on function of Smartlist. The function can be tricked, thus permitting the addition of arbitrary addresses to the list.


 

Privacy Statement
Copyright 2010, SecurityFocus